Skip to main content
CVE-2023-26987 MEDIUM POC This Month

An issue discovered in Konga 0.14.9 allows remote attackers to manipulate user accounts regardless of privilege via crafted POST request. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Konga
NVD GitHub
CVSS 3.1
6.5
EPSS
1.1%
CVE-2023-29641 MEDIUM POC This Month

Cross Site Scripting (XSS) vulnerability in pandao editor.md thru 1.5.0 allows attackers to inject arbitrary web script or HTML via crafted markdown text. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Editor Md
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-29637 MEDIUM POC This Month

Cross Site Scripting (XSS) vulnerability in Qbian61 forum-java, allows attackers to inject arbitrary web script or HTML via editing the article content in the "article editor" page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Qbian61 Forum Java
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-29681 MEDIUM POC This Month

Cleartext Transmission in cookie:ecos_pw: in Tenda N301 v6.0, firmware v12.03.01.06_pt allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Tenda N301 Firmware
NVD
CVSS 3.1
5.7
EPSS
0.4%
CVE-2023-29680 MEDIUM POC This Month

Cleartext Transmission in set-cookie:ecos_pw: Tenda N301 v6.0, Firmware v12.02.01.61_multi allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Tenda N301 Firmware
NVD
CVSS 3.1
5.7
EPSS
0.4%
CVE-2023-29643 MEDIUM POC This Month

Cross Site Scripting (XSS) vulnerability in PerfreeBlog 3.1.2 allows attackers to execute arbitrary code via the Post function. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Perfreeblog
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-29639 MEDIUM POC This Month

Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via editing an article in the "blog article" page due to the default. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS My Blog
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-29638 MEDIUM POC This Month

Cross Site Scripting (XSS) vulnerability in WinterChenS my-site before commit 3f0423da6d5200c7a46e200da145c1f54ee18548, allows attackers to inject arbitrary web script or HTML via editing blog. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS My Site
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-29636 MEDIUM POC This Month

Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via the "title" field in the "blog management" page due to the the default. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS My Blog
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-27108 MEDIUM POC This Month

An issue was discovered in KaiOS 3.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Kaios
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-28092 MEDIUM This Month

A potential security vulnerability has been identified in HPE ProLiant RL300 Gen11 Server. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Integrated Lights Out Firmware Proliant Rl300 Firmware
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2023-22923 MEDIUM PATCH This Month

A format string vulnerability in a binary of the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote authenticated attacker to cause denial-of-service (DoS) conditions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Zyxel Nbg 418N Firmware
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2023-30639 MEDIUM This Month

Archer Platform 6.8 before 6.12 P6 HF1 (6.12.0.6.1) contains a stored XSS vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Archer
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-22503 MEDIUM This Month

Affected versions of Atlassian Confluence Server and Data Center allow anonymous remote attackers to view the names of attachments and labels in a private Confluence space. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Atlassian Confluence Data Center Confluence Server
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2023-22924 MEDIUM PATCH This Month

A buffer overflow vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote authenticated attacker with administrator privileges to cause. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Zyxel Nbg 418N Firmware
NVD
CVSS 3.1
4.9
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy