Skip to main content
CVE-2023-27641 MEDIUM POC This Month

The REPORT (after z but before a) parameter in wa.exe in L-Soft LISTSERV 16.5 before 17 allows an attacker to conduct XSS attacks via a crafted URL. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Listserv
NVD GitHub
CVSS 3.1
6.1
EPSS
1.1%
CVE-2023-1180 MEDIUM POC This Month

A vulnerability has been found in SourceCodester Health Center Patient Record Management System 1.0 and classified as problematic. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Health Center Patient Record Management System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2023-1181 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository icret/easyimages2.0 prior to 2.6.7. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Easyimages2 0
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-1179 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Computer Parts Sales And Inventory System
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-0734 MEDIUM POC PATCH This Month

Improper Authorization in GitHub repository wallabag/wallabag prior to 2.5.4. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Wallabag
NVD GitHub
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-26510 MEDIUM This Month

Ghost 5.35.0 allows authorization bypass: contributors can view draft posts of other users, which is arguably inconsistent with a security policy in which a contributor's draft can only be read by. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Ghost
NVD GitHub
CVSS 3.1
5.7
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy