Skip to main content
CVE-2023-0669 HIGH POC KEV PATCH THREAT Act Now

Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Command Injection Deserialization Goanywhere Managed File Transfer
NVD GitHub Exploit-DB
CVSS 3.1
7.2
EPSS
100.0%
CVE-2023-0234 HIGH POC THREAT This Week

The SiteGround Security WordPress plugin before 1.3.1 does not properly sanitize user input before using it in an SQL query, leading to an authenticated SQL injection issue. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress SQLi Siteground Security
NVD GitHub WPScan
CVSS 3.1
8.8
EPSS
18.0%
CVE-2023-0679 HIGH This Week

A vulnerability was found in SourceCodester Canteen Management System 1.0. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

PHP SQLi Canteen Management System
NVD VulDB
CVSS 3.1
8.1
EPSS
0.7%
CVE-2023-25016 HIGH This Week

Couchbase Server before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2 exposes Sensitive Information to an Unauthorized Actor. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Couchbase Server
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-45589 HIGH This Week

All versions before 8.0.1-R2022-10-RT and 7.3.1-R2022-09-RT of the Talend ESB Runtime are potentially vulnerable to SQL Injection attacks in the provisioning service only. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Esb Runtime
NVD VulDB
CVSS 3.1
7.2
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy