6678 matches found

Positive Technologies
added 2023/07/06 12:0 a.m. · 4 views

PT-2023-19642 · Milesight · Milesight Vpn

Name of the Vulnerable Software and Affected Versions: Milesight VPN version 2.0.2 Description: Cross-site scripting (XSS) vulnerabilities exist in the requestHandlers.js detail device functionality. A specially-crafted HTTP request can lead to arbitrary JavaScript code injection. An attacker can...

CVSS 4.7 · AI score 7.2 · EPSS 0.00211
Exploits: 1 · References: 3

Positive Technologies
added 2023/07/06 12:0 a.m. · 3 views

PT-2023-18721 · Milesight · Milesight Vpn

Name of the Vulnerable Software and Affected Versions: Milesight VPN version 2.0.2 Description: An authentication bypass issue exists in the requestHandlers.js verifyToken functionality. A specially-crafted network request can lead to authentication bypass, allowing an attacker to send a network...

CVSS 9.8 · AI score 9.4 · EPSS 0.00031
Exploits: 1 · References: 4

Positive Technologies
added 2023/07/06 12:0 a.m. · 2 views

PT-2023-19050 · Milesight · Milesight Ur32L

Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: An access violation issue exists in the eventcore functionality. A specially crafted network request can lead to denial of service. An attacker can send a network request to trigger this issue...

CVSS 7.5 · AI score 7.7 · EPSS 0.00124
Exploits: 1 · References: 4

Positive Technologies
added 2023/07/06 12:0 a.m. · 2 views

PT-2023-19033 · Milesight · Milesight Ur32L

Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: An OS command injection issue exists in the ys thirdparty user delete functionality. A specially crafted network packet can lead to command execution. An attacker can send a sequence of requests t...

CVSS 7.2 · AI score 7.8 · EPSS 0.00288
Exploits: 1 · References: 3

Code423n4
added 2023/07/05 12:0 a.m. · 11 views

Functions don't update after being called

Lines of code Vulnerability details Impact Without updating the reserve or vault value of tokens after calling different functions, the contract may be prone to inconsistent state, security issues, financial implications, and bad user experience. It is important to review and update the reserve...

AI score 7
Exploits: 0

Vulnrichment
added 2023/07/03 6:21 p.m. · 8 views

CVE-2023-36819 Knowage-Server vulnerable to Path traversal in download functionalities

Knowage is the professional open source suite for modern business analytics over traditional sources and big data systems. The endpoint /knowage/restful-services/dossier/importTemplateFile allows authenticated users to download template hosted on the server. However, starting in the 6.x.x branch...

CVSS 6.5 · AI score 6.6 · EPSS 0.00176
Exploits: 1 · References: 1

Prion
added 2023/06/30 10:15 p.m. · 27 views

Code injection

A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6...

CVSS 2.7 · AI score 6 · EPSS 0.0004
Exploits: 0 · References: 6 · Affected Software: 3

Vulnrichment
added 2023/06/30 12:0 a.m. · 13 views

CVE-2023-36143

Maxprint Maxlink 1200G v3.4.11E has an OS command injection vulnerability in the "Diagnostic tool" functionality of the device...

AI score 7.8 · EPSS 0.11587
Exploits: 2 · References: 2

Tenable Nessus
added 2023/06/29 12:0 a.m. · 21 views

Atlassian Jira < 8.20.20 / 9.4.x < 9.4.4 / 9.5.0 (JRASERVER-75331)

The version of Atlassian Jira Server running on the remote host is affected by an arbitrary file upload vulnerability as referenced in the JRASERVER-75331 advisory. Affected versions of Atlassian Jira Server/DC allow an unauthenticated, remote attacker to upload arbitrary files to Jira via file...

AI score 5.8
Exploits: 0 · References: 1

NVD
added 2023/06/28 9:15 a.m. · 8 views

CVE-2023-3034

Reflected XSS affects the ‘mode’ parameter in the /admin functionality of the web application in versions <=2.0.44...

CVSS 6.1 · AI score 5 · EPSS 0.00116
Exploits: 0 · References: 2

OSV
added 2023/06/28 9:15 a.m. · 2 views

CVE-2023-3034

Reflected XSS affects the ‘mode’ parameter in the /admin functionality of the web application in versions <=2.0.44...

CVSS 6.1 · AI score 5.8 · EPSS 0.00116
Exploits: 0 · References: 2

CVE
added 2023/06/28 8:9 a.m. · 33 views

CVE-2023-3034

Summary: CVE-2023-3034 is a reflected XSS vulnerability in the BKG Ntrip Professional Caster (NtripCaster) web app, affecting versions <= 2.0.44. The issue is triggered via the ‘mode’ parameter in the /admin endpoint. Affected software: BKG Ntrip Professional Caster (NtripCaster)

CVSS 6.1 · AI score 5 · EPSS 0.00116
Exploits: 0 · References: 2 · Affected Software: 1

NVD
added 2023/06/28 3:15 a.m. · 9 views

CVE-2023-1844

The Subscribe2 plugin for WordPress is vulnerable to unauthorized access to email functionality due to a missing capability check when sending test emails in versions up to, and including, 10.40. This makes it possible for author-level attackers to send emails with arbitrary content and attachmen...

CVSS 4.3 · AI score 4.5 · EPSS 0.00129
Exploits: 0 · References: 3

Prion
added 2023/06/28 3:15 a.m. · 18 views

Design/Logic Flaw

The Subscribe2 plugin for WordPress is vulnerable to unauthorized access to email functionality due to a missing capability check when sending test emails in versions up to, and including, 10.40. This makes it possible for author-level attackers to send emails with arbitrary content and attachmen...

CVSS 4 · AI score 4.6 · EPSS 0.00129
Exploits: 0 · References: 3 · Affected Software: 1

Vulnrichment
added 2023/06/28 2:34 a.m. · 10 views

CVE-2023-1844 Subscribe2 <= 10.40 - Missing Authorization

The Subscribe2 plugin for WordPress is vulnerable to unauthorized access to email functionality due to a missing capability check when sending test emails in versions up to, and including, 10.40. This makes it possible for author-level attackers to send emails with arbitrary content and attachmen...

CVSS 4.3 · AI score 6.7 · EPSS 0.00129
Exploits: 0 · References: 3

CVE
added 2023/06/28 2:34 a.m. · 40 views

CVE-2023-1844

The CVE-2023-1844 entry concerns the WordPress plugin Subscribe2. The vulnerability arises from a missing capability check when sending test emails, enabling author-level attackers to send emails with arbitrary content/attachments to site users in versions up to and including 10.40. The impact is...

CVSS 4.3 · AI score 4.8 · EPSS 0.00129
Exploits: 0 · References: 3 · Affected Software: 1

Cvelist
added 2023/06/28 2:34 a.m. · 16 views

CVE-2023-1844 Subscribe2 <= 10.40 - Missing Authorization

The Subscribe2 plugin for WordPress is vulnerable to unauthorized access to email functionality due to a missing capability check when sending test emails in versions up to, and including, 10.40. This makes it possible for author-level attackers to send emails with arbitrary content and attachmen...

CVSS 4.3 · AI score 4.8 · EPSS 0.00129
Exploits: 0 · References: 3

Positive Technologies
added 2023/06/28 12:0 a.m. · 3 views

PT-2023-6249 · Yifan · Yifan Yf325

Name of the Vulnerable Software and Affected Versions: Yifan YF325 version 1.0 20221108 Description: The issue is related to two heap-based buffer overflow vulnerabilities in the httpd manage post functionality. A specially crafted network request can lead to a heap buffer overflow, allowing an...

CVSS 9.8 · AI score 9.8 · EPSS 0.00346
Exploits: 0 · References: 9

0day.today
added 2023/06/26 12:0 a.m. · 573 views

Xenforo Version 2.2.13 - Authenticated Stored XSS Vulnerability

Exploit Title: Xenforo Version 2.2.13 - Authenticated Stored XSS Exploit Author: Furkan Karaarslan Category : Webapps Vendor Homepage: https://x.com/admin.php?smilies Version: 2.2.12 REQUIRED Tested on: Windows/Linux CVE :...

AI score 7.1
Exploits: 0

Vulnrichment
added 2023/06/23 7:51 a.m. · 15 views

CVE-2023-32463

Dell VxRail, versions 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction...

CVSS 3.4 · AI score 7 · EPSS 0.00271
Exploits: 0 · References: 1