Skip to main content
CVE-2023-24065 MEDIUM POC This Month

NOSH 4a5cfdb allows stored XSS via the create user page. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Nosh Chartingsystem
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-0571 MEDIUM POC This Month

A vulnerability has been found in SourceCodester Canteen Management System 1.0 and classified as problematic. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Canteen Management System
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-0572 MEDIUM POC PATCH This Month

Unchecked Error Condition in GitHub repository froxlor/froxlor prior to 2.0.10. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Froxlor
NVD GitHub
CVSS 3.1
5.3
EPSS
0.7%
CVE-2023-0565 MEDIUM POC PATCH This Month

Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.10. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Froxlor
NVD GitHub
CVSS 3.1
4.9
EPSS
0.6%
CVE-2023-0566 MEDIUM POC PATCH This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in froxlor/froxlor prior to 2.0.10. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Froxlor
NVD GitHub
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-0569 MEDIUM PATCH This Month

Weak Password Requirements in GitHub repository publify/publify prior to 9.2.10. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Brute Force Publify
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy