CVE-2023 第3页
排序
CVE-2023-3722: Avaya Aura Device Services – OS Command Injection
漏洞标题 CVE-2023-3722: Avaya Aura Device Services - OS Command Injection 漏洞描述 An OS command injection vulnerability was found in the Avaya Aura Device Services Web application...
2023年12月25日 17:33CVE-2023-4521: Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE
漏洞标题 CVE-2023-4521: Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE 漏洞描述 The Import XML and RSS Feeds WordPress plugin before 2.1.5 allows unauthenticated attacke...
2023年12月25日 12:43CVE-2023-38501: CopyParty v1.8.6 – Cross Site Scripting
漏洞标题 CVE-2023-38501: CopyParty v1.8.6 - Cross Site Scripting 漏洞描述 Copyparty is a portable file server. Versions prior to 1.8.6 are subject to a reflected cross-site scripti...
2023年12月25日 11:12CVE-2023-39560: ECTouch v2 – SQL Injection
漏洞标题 CVE-2023-39560: ECTouch v2 - SQL Injection 漏洞描述 ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr['id'] parameter at \default\h...
2023年12月25日 08:23CVE-2023-0968: WordPress Watu Quiz <3.3.9.1 - Cross-Site Scripting
漏洞标题 CVE-2023-0968: WordPress Watu Quiz <3.3.9.1 - Cross-Site Scripting 漏洞描述 WordPress Watu Quiz plugin before 3.3.9.1 is susceptible to cross-site scripting. The plugin...
2023年12月25日 02:59CVE-2023-0552: WordPress Pie Register <3.8.2.3 - Open Redirect
漏洞标题 CVE-2023-0552: WordPress Pie Register <3.8.2.3 - Open Redirect 漏洞描述 WordPress Pie Register plugin before 3.8.2.3 contains an open redirect vulnerability. The plugin...
2023年12月24日 22:55CVE-2023-3578: DedeCMS 5.7.109 – Server-Side Request Forgery
漏洞标题 CVE-2023-3578: DedeCMS 5.7.109 - Server-Side Request Forgery 漏洞描述 Manipulation of the rssurl parameter in co_do.php leads to server-side request forgery in DedeCMS ver...
2023年12月24日 21:35CVE-2023-6020: Ray Static File – Local File Inclusion
漏洞标题 CVE-2023-6020: Ray Static File - Local File Inclusion 漏洞描述 LFI in Ray's /static/ directory allows attackers to read any file on the server without authentication....
2023年12月24日 20:44CVE-2023-33629: H3C Magic R300-2100M – Remote Code Execution
漏洞标题 CVE-2023-33629: H3C Magic R300-2100M - Remote Code Execution 漏洞描述 H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the Deltrigg...
2023年12月24日 17:20CVE-2023-31548: ChurchCRM v4.5.3 – Cross-Site Scripting
漏洞标题 CVE-2023-31548: ChurchCRM v4.5.3 - Cross-Site Scripting 漏洞描述 A stored Cross-site scripting (XSS) vulnerability in the FundRaiserEditor.php component of ChurchCRM v4.5....
2023年12月24日 11:55CVE-2023-39121: Emlog 2.1.9 – SQL Injection
漏洞标题 CVE-2023-39121: Emlog 2.1.9 - SQL Injection 漏洞描述 emlog v2.1.9 contains a SQL injection caused by unsanitized input in the data backup/restore functionality, allowing a...
2023年12月24日 06:19CVE-2023-4151: Store Locator WordPress < 1.4.13 - Cross-Site Scripting
漏洞标题 CVE-2023-4151: Store Locator WordPress < 1.4.13 - Cross-Site Scripting 漏洞描述 The Store Locator WordPress plugin before 1.4.13 does not sanitise and escape an invalid...
2023年12月24日 03:14CVE-2023-20889: VMware Aria Operations for Networks – Code Injection Information Disclosure Vulnerability
漏洞标题 CVE-2023-20889: VMware Aria Operations for Networks - Code Injection Information Disclosure Vulnerability 漏洞描述 Aria Operations for Networks contains an information dis...
2023年12月23日 20:53CVE-2023-0676: phpIPAM 1.5.1 – Cross-site Scripting
漏洞标题 CVE-2023-0676: phpIPAM 1.5.1 - Cross-site Scripting 漏洞描述 Cross-site Scripting (XSS) - Reflected in GitHub repository phpipam/phpipam prior to 1.5.1. PoC代码
2023年12月23日 13:08CVE-2023-3169: tagDiv Composer < 4.2 - Stored Cross-Site Scripting
漏洞标题 CVE-2023-3169: tagDiv Composer < 4.2 - Stored Cross-Site Scripting 漏洞描述 tagDiv Composer plugin versions before 4.2 for WordPress are vulnerable to unauthenticated s...
2023年12月23日 01:18CVE-2023-38952: ZKTeco BioTime <= 9.0.1 - Privilege Escalation
漏洞标题 CVE-2023-38952: ZKTeco BioTime <= 9.0.1 - Privilege Escalation 漏洞描述 BioTime default employee credentials (password 123456) allow login. Sessions are not role-valida...
2023年12月22日 19:58
