Skip to main content
CVE-2023-26876 HIGH POC This Week

SQL injection vulnerability found in Piwigo v.13.5.0 and before allows a remote attacker to execute arbitrary code via the filter_user_id parameter to the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP SQLi Piwigo
NVD GitHub
CVSS 3.1
8.8
EPSS
9.7%
CVE-2023-30620 HIGH POC PATCH This Week

mindsdb is a Machine Learning platform to help developers build AI solutions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Mindsdb
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2023-2214 HIGH POC This Week

A vulnerability was found in Campcodes Coffee Shop POS System 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Coffee Shop Pos System
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-2213 HIGH POC This Week

A vulnerability was found in Campcodes Coffee Shop POS System 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Coffee Shop Pos System
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-2212 HIGH POC This Week

A vulnerability was found in Campcodes Coffee Shop POS System 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Coffee Shop Pos System
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-2211 HIGH POC This Week

A vulnerability was found in Campcodes Coffee Shop POS System 1.0 and classified as critical. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Coffee Shop Pos System
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-2210 HIGH POC This Week

A vulnerability has been found in Campcodes Coffee Shop POS System 1.0 and classified as critical. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Coffee Shop Pos System
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-2209 HIGH POC This Week

A vulnerability, which was classified as critical, was found in Campcodes Coffee Shop POS System 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Coffee Shop Pos System
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-2208 HIGH POC This Week

A vulnerability, which was classified as critical, has been found in Campcodes Retro Basketball Shoes Online Store 1.0.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Retro Basketball Shoes Online Store
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-2207 HIGH POC This Week

A vulnerability classified as critical was found in Campcodes Retro Basketball Shoes Online Store 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Retro Basketball Shoes Online Store
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-2205 HIGH POC This Week

A vulnerability was found in Campcodes Retro Basketball Shoes Online Store 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Retro Basketball Shoes Online Store
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-2204 HIGH POC This Week

A vulnerability was found in Campcodes Retro Basketball Shoes Online Store 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Retro Basketball Shoes Online Store
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-2141 HIGH This Week

An unsafe .NET object deserialization in DELMIA Apriso Release 2017 through Release 2022 could lead to post-authentication remote code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Deserialization Delmia Apriso
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2023-29019 HIGH PATCH This Week

@fastify/passport is a port of passport authentication library for the Fastify ecosystem. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Session Fixation Passport
NVD GitHub
CVSS 3.1
8.1
EPSS
0.8%
CVE-2023-30798 HIGH PATCH This Week

There MultipartParser usage in Encode's Starlette python framework before versions 0.25.0 allows an unauthenticated and remote attacker to specify any number of form fields or files which can cause. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Python Denial Of Service Starlette
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
1.3%
CVE-2023-26557 HIGH PATCH This Week

io.finnet tss-lib before 2.0.0 can leak the lambda value of a private key via a timing side-channel attack because it relies on Go big.Int, which is not constant time for Cmp, modular exponentiation,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Tss Lib
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-2140 HIGH This Week

A Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2017 through Release 2022 could allow an unauthenticated attacker to issue requests to arbitrary hosts on behalf of the server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Delmia Apriso
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-26101 HIGH This Week

In Progress Flowmon Packet Investigator before 12.1.0, a Flowmon user with access to Flowmon Packet Investigator could leverage a path-traversal vulnerability to retrieve files on the Flowmon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Flowmon Packet Investigator
NVD
CVSS 3.1
7.5
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy