CVE-2023-4543

A vulnerability was found in IBOS OA 4.5.5. It has been declared as critical. This vulnerability affects unknown code of the file ?r=recruit/contact/export&contactids=x. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and...

Sql injection

A vulnerability was found in IBOS OA 4.5.5. It has been declared as critical. This vulnerability affects unknown code of the file ?r=recruit/contact/export&contactids=x. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and...

CVE-2023-4534

A vulnerability, which was classified as problematic, was found in NeoMind Fusion Platform up to 20230731. Affected is an unknown function of the file /fusion/portal/action/Link. The manipulation of the argument link leads to cross site scripting. It is possible to launch the attack remotely. The...

Command injection

A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230807. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to command injection. The attack can...

CVE-2023-4414 Byzoro Smart S85F Management Platform decodmail.php command injection

A vulnerability was found in Byzoro Smart S85F Management Platform up to 20230807. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to command injection. The attack can be...

CVE-2023-4410

A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L ENV9.3.5u.6146B20201023. This affects the function setDiagnosisCfg. The manipulation leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may...

CVE-2023-32107

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin = 5.1.3 versions...

Command injection

A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L ENV9.3.5u.6146B20201023. This affects the function setDiagnosisCfg. The manipulation leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may...

CVE-2023-32107

CVE-2023-32107 affects WordPress Photo Gallery by Ays – Responsive Image Gallery,

Security feature bypass

A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been...

CVE-2023-4382

tdevs Hyip Rio 2.1 contains a cross-site scripting vulnerability in the Profile Settings /user/settings, where manipulation of the avatar parameter enables stored XSS. Multiple sources (NVD/NVD mirrors, Exploit-DB, PacketStorm, PRION/Vuln enrichment) document remote exploitation via attacking the...

Wchat 1.6 HTML Injection

==================================================================================================================================== | Title : Wchat v1.6 - Fully Responsive PHP AJAX Chat Script Html code inject Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / brows...

CVE-2023-24409

Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs plugin = 1.1.15 versions...

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs plugin = 1.1.15 versions...

CVE-2023-24409 WordPress WP Responsive Tabs horizontal vertical and accordion Tabs Plugin <= 1.1.15 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs plugin = 1.1.15 versions...

CVE-2023-24409

CVE-2023-24409 affects the WordPress plugin WP Responsive Tabs (horizontal/vertical/accordion) by an unauthenticated Reflected XSS in versions

WordPress plugin WP Responsive Tabs horizontal vertical and accordion Tabs Cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

PT-2023-19570 · I Thirteen Web Solution · Wp Responsive Tabs

Name of the Vulnerable Software and Affected Versions: I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs plugin versions prior to 1.1.15 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker ca...

CVE-2023-4169

A vulnerability was found in Ruijie RG-EW1200G 1.01B1P5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /api/sys/setpasswd of the component Administrator Password Handler. The manipulation leads to improper access controls. The attack can ...

CVE-2023-4168

A vulnerability was found in Templatecookie Adlisting 2.14.0. It has been classified as problematic. Affected is an unknown function of the file /ad-list of the component Redirect Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The identifi...