10 matches found
CVE-2023-51519
CVE-2023-51519 (Soliloquy Slider for WordPress) is represented in connected sources as a Missing Authorization/Broken Access Control vulnerability affecting Soliloquy Slider by Soliloquy, specifically versions up to and including 2.7.2. The connected enrichment references this as a Broken Access ...
CVE-2023-45652
CVE-2023-45652: WordPress Remote Content Shortcode
Information disclosure
Outlook for Android Information Disclosure Vulnerability...
Sql injection
A vulnerability was found in Kashipara Food Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file itemBillPdf.php. The manipulation of the argument printid leads to sql injection. The attack may be launched remotely. The exploit has...
Sql injection
A vulnerability classified as critical has been found in Kashipara Food Management System up to 1.0. This affects an unknown part of the file rawstockuseddamagedsmt.php. The manipulation of the argument productname leads to sql injection. It is possible to initiate the attack remotely. The exploi...
Information disclosure
FlyCms through abbaa5a allows XSS via the permission management feature...
Sql injection
A vulnerability classified as critical has been found in Beijing Baichuo S210 up to 20231210. Affected is an unknown function of the file /importexport.php. The manipulation of the argument sql leads to injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...
Out-of-bounds
In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-114746174...
Information disclosure
OpenCart 1.4.9.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/startup.php and certain other files...
Design/Logic Flaw
A certain ActiveX control in adsiis.dll in Microsoft Internet Information Services IIS allows remote attackers to cause a denial of service browser crash via a long string in the second argument to the GetObject method. NOTE: this issue was disclosed by an unreliable researcher, so it might be...