Skip to main content
CVE-2023-23163 CRITICAL POC Act Now

Art Gallery Management System Project v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Art Gallery Management System
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
4.4%
CVE-2023-23162 CRITICAL POC Act Now

Art Gallery Management System Project v1.0 was discovered to contain a SQL injection vulnerability via the cid parameter at product.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Art Gallery Management System
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
4.4%
CVE-2023-0777 CRITICAL POC PATCH THREAT Act Now

Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Modoboa
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
15.1%
CVE-2023-24352 CRITICAL POC Act Now

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWPS. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-24351 CRITICAL POC Act Now

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the FILECODE parameter at /goform/formLogin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-24350 CRITICAL POC Act Now

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the config.smtp_email_subject parameter at /goform/formSetEmail. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-24349 CRITICAL POC Act Now

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetRoute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-24348 CRITICAL POC Act Now

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetACLFilter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-0774 CRITICAL POC Act Now

A vulnerability has been found in SourceCodester Medical Certificate Generator App 1.0 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Medical Certificate Generator App
NVD VulDB
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-24347 HIGH POC This Week

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formSetWanDhcpplus. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-24346 HIGH POC This Week

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the wan_connected parameter at /goform/formEasySetupWizard3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-24345 HIGH POC This Week

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetWanDhcpplus. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-24344 HIGH POC This Week

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWlanGuestSetup. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.3%
CVE-2023-24343 HIGH POC This Week

D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSchedule. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 605l Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-0771 HIGH POC PATCH This Week

SQL Injection in GitHub repository ampache/ampache prior to 5.5.7,develop. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Ampache
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-24816 HIGH POC PATCH This Week

IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. Public exploit code available.

Python Command Injection Microsoft Ipython
NVD GitHub
CVSS 3.1
7.0
EPSS
1.3%
CVE-2023-23161 MEDIUM POC This Month

A reflected cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Art Gallery Management System
NVD GitHub Exploit-DB
CVSS 3.1
6.1
EPSS
5.9%
CVE-2023-23286 MEDIUM POC This Month

Cross Site Scripting (XSS) vulnerability in Provide server 14.4 allows attackers to execute arbitrary code through the server-log via username field from the login form. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Provide Server
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
2.6%
CVE-2022-3568 HIGH PATCH This Week

The ImageMagick Engine plugin for WordPress is vulnerable to deserialization of untrusted input via the 'cli_path' parameter in versions up to, and including 1.7.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

PHP Deserialization WordPress Imagemagick Engine
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-24569 HIGH This Week

Dell Alienware Command Center versions 5.5.37.0 and prior contain an Improper Input validation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Alienware Command Center
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-22832 HIGH PATCH This Week

The ExtractCCDAAttributes Processor in Apache NiFi 1.2.0 through 1.19.1 does not restrict XML External Entity references. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache XXE Nifi
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2023-24573 HIGH This Week

Dell Command | Monitor versions prior to 10.9 contain an arbitrary folder delete vulnerability during uninstallation. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Dell Command Monitor
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-23698 HIGH PATCH This Week

Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity.

Information Disclosure Dell Microsoft Alienware Update Command Update
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-24234 MEDIUM This Month

A stored cross-site scripting (XSS) vulnerability in the component php-inventory-management-system/brand.php of Inventory Management System v1 allows attackers to execute arbitrary web scripts or. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Inventory Management System
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%
CVE-2023-24233 MEDIUM This Month

A stored cross-site scripting (XSS) vulnerability in the component /php-inventory-management-system/orders.php?o=add of Inventory Management System v1 allows attackers to execute arbitrary web. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Inventory Management System
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%
CVE-2023-24232 MEDIUM This Month

A stored cross-site scripting (XSS) vulnerability in the component /php-inventory-management-system/product.php of Inventory Management System v1 allows attackers to execute arbitrary web scripts or. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Inventory Management System
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%
CVE-2023-24231 MEDIUM This Month

A stored cross-site scripting (XSS) vulnerability in the component /php-inventory-management-system/categories.php of Inventory Management System v1 allows attackers to execute arbitrary web scripts. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Inventory Management System
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%
CVE-2023-24230 MEDIUM PATCH This Month

A stored cross-site scripting (XSS) vulnerability in the component /formwork/panel/dashboard of Formwork v1.12.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Formwork
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy