Skip to main content
CVE-2023-5020 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in 07FLY CRM V2.php/sysmanage/Login/login_auth/ of the component Administrator Login Page. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Customer Relationship Management
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-5019 CRITICAL POC Act Now

A vulnerability classified as critical was found in Tongda OA. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Tongda Office Anywhere
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-5016 CRITICAL POC Act Now

A vulnerability was found in spider-flow up to 0.5.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Java Deserialization Spider Flow
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-5014 CRITICAL POC Act Now

A vulnerability was found in Sakshi2610 Food Ordering Website 1.0 and classified as critical.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Food Ordering Website
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-5030 HIGH POC This Week

A vulnerability has been found in Tongda OA up to 11.10 and classified as critical. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Tongda Office Anywhere
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-5029 HIGH POC This Week

A vulnerability, which was classified as critical, was found in mccms 2.6. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Mccms
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-5023 HIGH POC This Week

A vulnerability was found in Tongda OA 2017 and classified as critical. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Tongda Office Anywhere
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-5027 HIGH POC This Week

A vulnerability classified as critical was found in SourceCodester Simple Membership System 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Simple Membership System
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-5026 MEDIUM POC This Month

A vulnerability classified as problematic has been found in Tongda OA 11.10. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Tongda Office Anywhere
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-38040 MEDIUM POC This Month

A reflected XSS vulnerability exists in Revive Adserver 5.4.1 and earlier versions.. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Revive Adserver
NVD
CVSS 3.1
6.1
EPSS
2.0%
CVE-2023-5015 MEDIUM POC This Month

A vulnerability was found in UCMS 1.4.7. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Ucms
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-5018 CRITICAL Act Now

A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Lost And Found Information System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.4%
CVE-2023-5017 CRITICAL Act Now

A vulnerability was found in lmxcms up to 1.41. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Lmxcms
NVD VulDB
CVSS 3.1
9.8
EPSS
0.4%
CVE-2023-5025 MEDIUM POC This Month

A vulnerability was found in KOHA up to 23.05.03. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Koha
NVD VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-5024 MEDIUM POC This Month

A vulnerability was found in Planno 23.04.04. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Planning Biblio
NVD VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2023-5022 HIGH This Week

A vulnerability has been found in DedeCMS up to 5.7.100 and classified as critical. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal PHP Dedecms
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-5028 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in China Unicom TEWA-800G 4.16L.04_CT2015_Yueme. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Tewa 800G Firmware
NVD GitHub VulDB
CVSS 3.1
4.6
EPSS
0.4%
CVE-2023-5021 MEDIUM This Month

A vulnerability, which was classified as problematic, was found in SourceCodester AC Repair and Services System 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Ac Repair And Services System
NVD VulDB
CVSS 3.1
6.1
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy