Skip to main content
CVE-2023-2107 CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in IBOS 4.5.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ibos
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-2106 CRITICAL POC PATCH Act Now

Weak Password Requirements in GitHub repository janeczku/calibre-web prior to 0.6.20. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Brute Force Calibre Web
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-2097 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Vehicle Service Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Vehicle Service Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-2096 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Vehicle Service Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Vehicle Service Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-2095 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Vehicle Service Management System 1.0 and classified as critical.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Vehicle Service Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-2093 CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in SourceCodester Vehicle Service Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Vehicle Service Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-2092 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in SourceCodester Vehicle Service Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Vehicle Service Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-29207 CRITICAL POC PATCH Act Now

XWiki Commons are technical libraries common to several other top level XWiki projects. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation RCE Information Disclosure XSS Xwiki
NVD GitHub
CVSS 3.1
9.0
EPSS
1.4%
CVE-2023-29202 CRITICAL POC PATCH Act Now

XWiki Commons are technical libraries common to several other top level XWiki projects. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation RCE Information Disclosure XSS Xwiki
NVD GitHub
CVSS 3.1
9.0
EPSS
1.4%
CVE-2023-29201 CRITICAL POC PATCH Act Now

XWiki Commons are technical libraries common to several other top level XWiki projects. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE XSS Xwiki
NVD GitHub
CVSS 3.1
9.0
EPSS
1.2%
CVE-2023-29210 HIGH POC PATCH This Week

XWiki Commons are technical libraries common to several other top level XWiki projects. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Python Code Injection Xwiki
NVD GitHub
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-29209 HIGH POC PATCH This Week

XWiki Commons are technical libraries common to several other top level XWiki projects. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Python Code Injection Xwiki
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
CVE-2023-2105 HIGH POC PATCH This Week

Session Fixation in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Session Fixation Easyappointments
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-2090 HIGH POC This Week

A vulnerability classified as critical has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Employee And Visitor Gate Pass Logging System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-2091 HIGH POC This Week

A vulnerability classified as critical was found in KylinSoft youker-assistant on KylinOS. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Youker Assistant
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
1.5%
CVE-2023-29208 HIGH POC PATCH This Week

XWiki Commons are technical libraries common to several other top level XWiki projects. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Xwiki
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-2101 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in moxi624 Mogu Blog v2 up to 5.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Mogublog
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.8%
CVE-2023-2094 MEDIUM POC This Month

A vulnerability has been found in SourceCodester Vehicle Service Management System 1.0 and classified as critical. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Vehicle Service Management System
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.8%
CVE-2023-29204 MEDIUM POC PATCH This Month

XWiki Commons are technical libraries common to several other top level XWiki projects. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect Xwiki
NVD GitHub
CVSS 3.1
6.1
EPSS
1.8%
CVE-2023-2100 MEDIUM POC This Month

A vulnerability classified as problematic was found in SourceCodester Vehicle Service Management System 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Vehicle Service Management System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2023-2099 MEDIUM POC This Month

A vulnerability classified as problematic has been found in SourceCodester Vehicle Service Management System 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Vehicle Service Management System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.7%
CVE-2023-2098 MEDIUM POC This Month

A vulnerability was found in SourceCodester Vehicle Service Management System 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Vehicle Service Management System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2023-27572 MEDIUM POC This Month

An issue was discovered in CommScope Arris DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Dg3450 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2023-2027 CRITICAL Act Now

The ZM Ajax Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.0.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Authentication Bypass Zm Ajax Login Register
NVD VulDB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2023-26463 CRITICAL Act Now

strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Strongswan
NVD GitHub
CVSS 3.1
9.8
EPSS
2.3%
CVE-2023-29206 MEDIUM POC PATCH This Month

XWiki Commons are technical libraries common to several other top level XWiki projects. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Xwiki
NVD GitHub
CVSS 3.1
5.4
EPSS
0.9%
CVE-2023-29205 MEDIUM POC PATCH This Month

XWiki Commons are technical libraries common to several other top level XWiki projects. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Xwiki
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-2104 MEDIUM POC PATCH This Month

Improper Access Control in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Easyappointments
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-2103 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Easyappointments
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-29203 MEDIUM POC PATCH This Month

XWiki Commons are technical libraries common to several other top level XWiki projects. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Xwiki
NVD GitHub
CVSS 3.1
5.3
EPSS
0.7%
CVE-2023-27571 MEDIUM POC This Month

An issue was discovered in DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Authentication Bypass Dg3450 Firmware
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2023-2102 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Easyappointments
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%
CVE-2023-2089 HIGH This Week

A vulnerability was found in SourceCodester Complaint Management System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Complaint Management System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-22670 HIGH This Week

A heap-based buffer overflow exists in the DXF file reading procedure in Open Design Alliance Drawings SDK before 2023.6. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Drawings Sdk
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-22669 HIGH This Week

Parsing of DWG files in Open Design Alliance Drawings SDK before 2023.6 lacks proper validation of the length of user-supplied XRecord data prior to copying it to a fixed-length heap-based buffer. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Drawings Sdk
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-24607 HIGH PATCH This Week

Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugin is used and the size of SQLTCHAR is 4. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Qt
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy