Skip to main content
CVE-2023-43836 MEDIUM POC This Month

There is a SQL injection vulnerability in the Jizhicms 2.4.9 backend, which users can use to obtain database information. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Jizhicms
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-44012 MEDIUM POC This Month

Cross Site Scripting vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the helpkey parameter in the Help.aspx component. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Mojoportal
NVD GitHub
CVSS 3.1
6.1
EPSS
1.3%
CVE-2023-43297 MEDIUM POC This Month

An issue in animal-art-lab v13.6.1 allows attackers to send crafted notifications via leakage of the channel access token. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Line
NVD GitHub
CVSS 3.1
5.4
EPSS
0.2%
CVE-2023-32830 MEDIUM This Month

In TVAPI, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-32829 MEDIUM This Month

In apusys, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Privilege Escalation Yocto Iot Yocto +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-32828 MEDIUM This Month

In vpu, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Privilege Escalation Iot Yocto Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-32827 MEDIUM This Month

In camera middleware, there is a possible out of bounds write due to a missing input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-32826 MEDIUM This Month

In camera middleware, there is a possible out of bounds write due to a missing input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-32824 MEDIUM This Month

In rpmb , there is a possible double free due to improper locking. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-32823 MEDIUM This Month

In rpmb , there is a possible memory corruption due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-32822 MEDIUM This Month

In ftm, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-32821 MEDIUM This Month

In video, there is a possible out of bounds write due to a permissions bypass. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-41728 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rescue Themes Rescue Shortcodes allows Stored XSS.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Rescue Shortcodes
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2023-44245 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Contact Form Website To Workflow Tool
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-44144 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Payment Gateway Per Product For Woocommerce
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-44474 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Tiger Forms Drag And Drop Form Builder
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-44244 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Foogallery
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-41856 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Click To Tweet
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-41692 MEDIUM This Month

Unauth. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Attorney
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-41729 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brewlabs SendPress Newsletters sendpress allows DOM-Based XSS.26.1.20. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.1
5.9
EPSS
0.1%
CVE-2023-37605 MEDIUM This Month

Weak Exception Handling vulnerability in baramundi software GmbH EMM Agent 23.1.50 and before allows an attacker to cause a denial of service via a crafted request to the password parameter. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Enterprise Mobility Management
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-42132 MEDIUM This Month

FD Application Apr. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XXE Fd Application
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-43267 MEDIUM This Month

A cross-site scripting (XSS) vulnerability in the publish article function of emlog pro v2.1.14 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Emlog
NVD GitHub
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-44264 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS The Awesome Feed
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-44242 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS 2J Slideshow
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-44145 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Anchor Episodes Index Spotify For Podcasters
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-44477 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cooked
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-41847 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Notice Bar
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-41797 MEDIUM This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Locations
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-44463 MEDIUM PATCH This Month

An issue was discovered in pretix before 2023.7.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Pretix
NVD GitHub
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-0809 MEDIUM This Month

In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mosquitto
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-44266 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Wp Adminify
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-44265 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Popup Contact Form
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-44230 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Popup Contact Form
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-44228 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Onclick Show Popup
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2023-44263 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Social Metrics
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-44262 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Blocks
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-44239 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Social Share On Image Hover
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-44479 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Wp Jump Menu
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-41859 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Order Delivery Date For Wp E Commerce
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-41855 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Regpack
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-41800 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cmp For Gdpr Cpra Gpp Tcf
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-41737 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Swifty Bar
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-41736 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Email Posts To Subscribers
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-41734 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Insert Estimated Reading Time
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-41733 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Back To The Top Button
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-41731 MEDIUM This Month

Auth. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Wordpress Publish Post Email Notification
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2023-32819 MEDIUM This Month

In display, there is a possible information disclosure due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-31042 MEDIUM This Month

A flaw exists in FlashBlade Purity whereby an authenticated user with access to FlashBlade’s object store protocol can impact the availability of the system’s data access and replication protocols. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Purity
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2023-3770 MEDIUM This Month

Incorrect validation vulnerability of the data entered, allowing an attacker with access to the network on which the affected device is located to use the discovery port protocol (1925/UDP) to obtain. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Ingepac Da3451 Firmware
NVD
CVSS 3.1
4.3
EPSS
0.4%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy