Skip to main content
CVE-2023-1494 CRITICAL POC Act Now

A vulnerability classified as critical has been found in IBOS 4.5.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ibos
NVD VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-1484 CRITICAL POC Act Now

A vulnerability was found in xzjie cms up to 1.0.3 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Xzjie Cms
NVD VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-1483 CRITICAL POC Act Now

A vulnerability has been found in XiaoBingBy TeaCMS up to 2.0.2 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Teacms
NVD VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-1480 CRITICAL POC Act Now

A vulnerability classified as critical was found in SourceCodester Monitoring of Students Cyber Accounts System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Monitoring Of Students Cyber Accounts System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-1479 CRITICAL POC Act Now

A vulnerability classified as critical has been found in SourceCodester Simple Music Player 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Simple Music Player
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-1482 HIGH POC This Week

A vulnerability, which was classified as problematic, was found in HkCms 2.2.4.230206. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection PHP Hkcms
NVD VulDB
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-1489 HIGH POC This Week

A vulnerability has been found in Lespeed WiseCleaner Wise System Monitor 1.5.3.54 and classified as critical. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Wise System Monitor
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-26113 HIGH POC PATCH This Week

Versions of the package collection.js before 6.8.1 are vulnerable to Prototype Pollution via the extend function in Collection.js/dist/node/iterators/extend.js. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Prototype Pollution Collection Js
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-1486 HIGH POC This Week

A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1.5.3.54. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Wise Force Deleter
NVD GitHub VulDB
CVSS 3.1
7.1
EPSS
0.5%
CVE-2023-1485 MEDIUM POC This Month

A vulnerability classified as problematic has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Young Entrepreneur E Negosyo System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-1481 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in SourceCodester Monitoring of Students Cyber Accounts System 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Monitoring Of Students Cyber Accounts System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2023-24278 MEDIUM POC This Month

Squidex before 7.4.0 was discovered to contain a squid.svg cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Squidex
NVD
CVSS 3.1
6.1
EPSS
2.9%
CVE-2023-28609 CRITICAL PATCH Act Now

api/auth.go in Ansible Semaphore before 2.8.89 mishandles authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Ansible Semaphore
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-1493 MEDIUM POC This Month

A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Anti Virus Plus
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-1492 MEDIUM POC This Month

A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Anti Virus Plus
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-1491 MEDIUM POC This Month

A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Anti Virus Plus
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-1490 MEDIUM POC This Month

A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1 and classified as critical. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Anti Virus Plus
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-1488 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in Lespeed WiseCleaner Wise System Monitor 1.5.3.54. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wise System Monitor
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-1487 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in Lespeed WiseCleaner Wise System Monitor 1.5.3.54.dll of the component IoControlCode Handler. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wise System Monitor
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.3%
CVE-2023-28607 MEDIUM PATCH This Month

js/event-graph.js in MISP before 2.4.169 allows XSS via the event-graph relationship tooltip. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Misp
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-28606 MEDIUM PATCH This Month

js/event-graph.js in MISP before 2.4.169 allows XSS via event-graph node tooltips. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Misp
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy