Skip to main content
CVE-2023-6657 CRITICAL POC Act Now

A vulnerability classified as critical has been found in SourceCodester Simple Student Attendance System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Simple Student Attendance System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-6655 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in Hongjing e-HR 2020. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi E Hr
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
3.8%
CVE-2023-6652 CRITICAL POC Act Now

A vulnerability was found in code-projects Matrimonial Site 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Matrimonial Site
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-6651 CRITICAL POC Act Now

A vulnerability was found in code-projects Matrimonial Site 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Matrimonial Site
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-6647 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in AMTT HiBOS 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Hibos
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-50449 HIGH POC This Week

JFinalCMS 5.0.0 could allow a remote attacker to read files via ../ Directory Traversal in the /common/down/file fileKey parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Jfinalcms
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2023-6648 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in PHPGurukul Nipah Virus Testing Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Nipah Virus Testing Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
1.0%
CVE-2023-6650 MEDIUM POC This Month

A vulnerability was found in SourceCodester Simple Invoice Generator System 1.0 and classified as problematic.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Simple Invoice Generator System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.8%
CVE-2023-6649 MEDIUM POC This Month

A vulnerability has been found in PHPGurukul Teacher Subject Allocation Management System 1.0 and classified as problematic. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Teacher Subject Allocation Management System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.8%
CVE-2023-6658 CRITICAL Act Now

A vulnerability classified as critical was found in SourceCodester Simple Student Attendance System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Simple Student Attendance System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-5869 HIGH This Week

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Integer Overflow RCE PostgreSQL Codeready Linux Builder Eus Codeready Linux Builder Eus For Power Little Endian Eus +18
NVD
CVSS 3.1
8.8
EPSS
4.3%
CVE-2023-6654 HIGH This Week

A vulnerability classified as critical was found in PHPEMS 6.x/7.x/8.x/9.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Deserialization Phpems
NVD VulDB
CVSS 3.1
8.8
EPSS
1.7%
CVE-2023-6653 MEDIUM POC This Month

A vulnerability was found in PHPGurukul Teacher Subject Allocation Management System 1.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Teacher Subject Allocation Management System
NVD GitHub VulDB
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-50446 HIGH PATCH This Week

An issue was discovered in Mullvad VPN Windows app before 2023.6-beta1. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Privilege Escalation Microsoft Mullvad Vpn
NVD GitHub
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-6656 HIGH This Week

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in DeepFaceLab pretrained DF.wf.288res.384.92.72.22. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Deserialization Deepfacelab
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-50455 HIGH This Week

An issue was discovered in Zammad before 6.2.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Zammad
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-50463 MEDIUM This Month

The caddy-geo-ip (aka GeoIP) middleware through 0.6.0 for Caddy 2, when trust_header X-Forwarded-For is used, allows attackers to spoof their source IP address via an X-Forwarded-For header, which. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Caddy
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-50454 MEDIUM This Month

An issue was discovered in Zammad before 6.2.0. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Zammad
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2023-50456 MEDIUM This Month

An issue was discovered in Zammad before 6.2.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Zammad
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-50453 MEDIUM This Month

An issue was discovered in Zammad before 6.2.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-5868 MEDIUM This Month

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure PostgreSQL Codeready Linux Builder Eus Codeready Linux Builder Eus For Power Little Endian Eus Codeready Linux Builder For Arm64 Eus +12
NVD
CVSS 3.1
4.3
EPSS
2.8%
CVE-2023-5870 MEDIUM This Month

A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service PostgreSQL Codeready Linux Builder Eus Codeready Linux Builder Eus For Power Little Endian Eus Codeready Linux Builder For Arm64 Eus +12
NVD
CVSS 3.1
4.4
EPSS
2.6%
CVE-2023-50457 MEDIUM This Month

An issue was discovered in Zammad before 6.2.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
CVSS 3.1
4.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy