Skip to main content
CVE-2023-6474 MEDIUM POC This Month

A vulnerability has been found in PHPGurukul Nipah Virus Testing Management System 1.0 and classified as problematic. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Nipah Virus Testing Management System
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-49926 MEDIUM PATCH This Month

app/Lib/Tools/EventTimelineTool.php in MISP before 2.4.179 allows XSS in the event timeline widget. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Misp
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-49948 MEDIUM PATCH This Month

Forgejo before 1.20.5-1 allows remote attackers to test for the existence of private user accounts by appending .rss (or another extension) to a URL. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Forgejo
NVD
CVSS 3.1
5.3
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy