Skip to main content
CVE-2023-5282 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Engineers Online Portal
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-5281 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Engineers Online Portal
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-5280 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Engineers Online Portal
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-5279 CRITICAL POC Act Now

A vulnerability has been found in SourceCodester Engineers Online Portal 1.0 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Engineers Online Portal
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-5278 CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in SourceCodester Engineers Online Portal 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Engineers Online Portal
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-5277 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in SourceCodester Engineers Online Portal 1.0.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Engineers Online Portal
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-5276 CRITICAL POC Act Now

A vulnerability classified as critical was found in SourceCodester Engineers Online Portal 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Engineers Online Portal
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-5267 CRITICAL POC Act Now

A vulnerability has been found in Tongda OA 2017 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Tongda Office Anywhere
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-5265 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in Tongda OA 2017. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Tongda Office Anywhere
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-5261 CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in Tongda OA 2017. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Tongda Office Anywhere
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-5260 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in SourceCodester Simple Membership System 1.0.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Simple Membership System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-5258 CRITICAL POC Act Now

A vulnerability classified as critical has been found in OpenRapid RapidCMS 1.3.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Rapidcms
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-43909 CRITICAL POC Act Now

Hospital Management System thru commit 4770d was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Hospital Management System
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2023-5294 HIGH POC This Week

A vulnerability has been found in ECshop 4.1.1 and classified as critical. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ecshop
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-5284 HIGH POC This Week

A vulnerability classified as critical has been found in SourceCodester Engineers Online Portal 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Engineers Online Portal
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-5283 HIGH POC This Week

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Engineers Online Portal
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-5272 HIGH POC This Week

A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Best Courier Management System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-5271 HIGH POC This Week

A vulnerability was found in SourceCodester Best Courier Management System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Best Courier Management System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-5270 HIGH POC This Week

A vulnerability was found in SourceCodester Best Courier Management System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Best Courier Management System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-5266 HIGH POC This Week

A vulnerability, which was classified as critical, was found in DedeBIZ 6.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Dedebiz
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-5289 HIGH POC PATCH This Week

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Rdiffweb
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-5263 HIGH POC This Week

A vulnerability was found in ZZZCMS 2.1.7 and classified as critical. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Zzzcms
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-5262 HIGH POC This Week

A vulnerability has been found in OpenRapid RapidCMS 1.3.1 and classified as critical. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Rapidcms
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-44466 HIGH POC PATCH THREAT This Week

An issue was discovered in net/ceph/messenger_v2.c in the Linux kernel before 6.4.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Buffer Overflow RCE Linux Linux Kernel
NVD GitHub
CVSS 3.1
8.8
EPSS
54.6%
CVE-2023-5297 HIGH POC This Week

A vulnerability was found in Xinhu RockOA 2.3.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Rockoa
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-5296 HIGH POC This Week

A vulnerability was found in Xinhu RockOA 1.1/2.3.2/15.X3amdi and classified as problematic. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Rockoa
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-5285 HIGH POC This Week

A vulnerability classified as critical was found in Tongda OA 2017. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Tongda Office Anywhere
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-5268 HIGH POC This Week

A vulnerability was found in DedeBIZ 6.2 and classified as critical.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Dedebiz
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.5%
CVE-2023-5264 HIGH POC This Week

A vulnerability classified as critical was found in huakecms 3.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Huakecms
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.5%
CVE-2023-5293 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in ECshop 4.1.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Ecshop
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-39308 MEDIUM POC This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Userfeedback
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-26147 MEDIUM POC This Month

All versions of the package ithewei/libhv are vulnerable to HTTP Response Splitting when untrusted user input is used to build headers values. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Libhv
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-26146 MEDIUM POC This Month

All versions of the package ithewei/libhv are vulnerable to Cross-site Scripting (XSS) such that when a file with a name containing a malicious payload is served by the application, the filename is. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Libhv
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-5288 CRITICAL Act Now

A remote unauthorized attacker may connect to the SIM1012, interact with the device and change configuration settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Sim1012 0P0G200 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-5257 MEDIUM POC This Month

A vulnerability was found in WhiteHSBG JNDIExploit 1.4 on Windows. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Java Path Traversal Microsoft Jndiexploit
NVD GitHub VulDB
CVSS 3.1
5.7
EPSS
0.8%
CVE-2023-5273 MEDIUM POC This Month

A vulnerability classified as problematic was found in SourceCodester Best Courier Management System 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Best Courier Management System
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-43944 MEDIUM POC This Month

A Stored Cross Site Scripting (XSS) vulnerability was found in SourceCodester Task Management System 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE XSS Task Management System
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-26148 MEDIUM POC This Month

All versions of the package ithewei/libhv are vulnerable to CRLF Injection when untrusted user input is used to set request headers. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Libhv
NVD GitHub
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-5269 MEDIUM POC This Month

A vulnerability was found in SourceCodester Best Courier Management System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Best Courier Management System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.6%
CVE-2023-26218 CRITICAL Act Now

The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains easily exploitable Reflected Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker to social engineer. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Nimbus
NVD
CVSS 3.1
9.0
EPSS
0.5%
CVE-2023-5259 MEDIUM POC This Month

A vulnerability classified as problematic was found in ForU CMS. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service PHP Foru Cms
NVD GitHub VulDB
CVSS 3.1
4.9
EPSS
1.0%
CVE-2023-5287 MEDIUM POC This Month

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, was found in BEECMS 4.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Beecms
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-43655 HIGH PATCH This Week

Composer is a dependency manager for PHP. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE PHP Composer Debian Linux Fedora
NVD GitHub
CVSS 3.1
8.8
EPSS
1.4%
CVE-2023-32477 HIGH PATCH This Week

Dell Common Event Enabler 8.9.8.2 for Windows and prior, contain an improper access control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Dell Authentication Bypass Common Event Enabler
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-44464 HIGH PATCH This Week

pretix before 2023.7.2 allows Pillow to parse EPS files. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Pretix
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-39410 HIGH PATCH This Week

When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system.11.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Apache Deserialization Avro
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2023-3413 HIGH This Week

An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Gitlab
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-3917 HIGH This Week

Denial of Service in pipelines affecting all versions of Gitlab EE and CE prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows attacker to cause pipelines to fail. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Gitlab
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-30591 HIGH PATCH This Week

Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attackers to trigger a crash, when invoking `eventName.startsWith()` or `eventName.toString()`, while processing Socket.IO messages via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Nodebb
NVD GitHub
CVSS 3.1
7.5
EPSS
53.8%
CVE-2023-5077 HIGH PATCH This Week

The Vault and Vault Enterprise ("Vault") Google Cloud secrets engine did not preserve existing Google Cloud IAM Conditions upon creating or updating rolesets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Hashicorp Vault
NVD
CVSS 3.1
7.5
EPSS
0.4%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy