Skip to main content
CVE-2023-1278 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in IBOS up to 4.5.5. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Ibos
NVD VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-1275 MEDIUM POC This Month

A vulnerability classified as problematic was found in SourceCodester Phone Shop Sales Managements System 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Phone Shop Sales Managements System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2023-24657 MEDIUM POC This Month

phpipam v1.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the closeClass parameter at /subnet-masks/popup.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Phpipam
NVD GitHub Exploit-DB
CVSS 3.1
6.1
EPSS
3.9%
CVE-2023-24282 MEDIUM POC This Month

An arbitrary file upload vulnerability in Poly Trio 8800 7.2.2.1094 allows attackers to execute arbitrary code via a crafted ringtone file. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS RCE File Upload Trio 8800 Firmware
NVD VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-26952 MEDIUM POC This Month

onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Menu module. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Onekeyadmin
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-1270 MEDIUM POC PATCH This Month

Cross-site Scripting in GitHub repository btcpayserver/btcpayserver prior to 1.8.3. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Btcpayserver
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-26950 MEDIUM POC This Month

onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Title parameter under the Adding Categories module. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Onekeyadmin
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-24532 MEDIUM PATCH This Month

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (a scalar larger than the order of the curve). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Go
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2023-27477 MEDIUM PATCH This Month

wasmtime is a fast and secure runtime for WebAssembly. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Cranelift Codegen Wasmtime
NVD GitHub
CVSS 3.1
4.3
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy