Skip to main content
CVE-2023-6903 CRITICAL POC Act Now

A vulnerability classified as critical has been found in Netentsec NS-ASG Application Security Gateway 6.3.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Application Security Gateway
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-6902 CRITICAL POC Act Now

A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2.4 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Stupid Simple Cms
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-6901 CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in codelyfe Stupid Simple CMS up to 1.2.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Command Injection Stupid Simple Cms
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
2.9%
CVE-2023-6899 CRITICAL POC Act Now

A vulnerability classified as problematic was found in rmountjoy92 DashMachine 0.5-4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Dashmachine
NVD VulDB
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-6898 CRITICAL POC Act Now

A vulnerability classified as critical has been found in SourceCodester Best Courier Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Best Courier Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-6895 CRITICAL POC THREAT Act Now

A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Hikvision Command Injection Intercom Broadcast System
NVD VulDB GitHub
CVSS 3.1
9.8
EPSS
89.1%
CVE-2023-50965 CRITICAL POC Act Now

In MicroHttpServer (aka Micro HTTP Server) through 4398570, _ReadStaticFiles in lib/middleware.c allows a stack-based buffer overflow and potentially remote code execution via a long URI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow RCE Micro Http Server
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2023-6888 CRITICAL POC Act Now

A vulnerability classified as critical was found in PHZ76 RtspServer 1.0.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Stack Overflow Buffer Overflow Rtspserver
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-6887 CRITICAL POC Act Now

A vulnerability classified as critical has been found in saysky ForestBlog up to 20220630. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Forestblog
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-6900 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in rmountjoy92 DashMachine 0.5-4. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Dashmachine
NVD VulDB
CVSS 3.1
9.1
EPSS
1.1%
CVE-2023-6893 HIGH POC THREAT This Week

A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK) and classified as problematic. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Hikvision PHP Intercom Broadcast System
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
70.2%
CVE-2023-6894 MEDIUM POC This Month

A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Hikvision Intercom Broadcast System
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
1.0%
CVE-2023-6896 MEDIUM POC This Month

A vulnerability was found in SourceCodester Simple Image Stack Website 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Simple Image Stack Website
NVD VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2023-6886 CRITICAL Act Now

A vulnerability was found in xnx3 wangmarket 6.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Wangmarket
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-6904 HIGH This Week

A vulnerability classified as problematic was found in Jahastech NxFilter 4.3.2.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Nxfilter
NVD VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2023-3907 HIGH This Week

A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Gitlab
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-6891 HIGH This Week

A vulnerability has been found in PeaZip 9.4.0 and classified as problematic. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Peazip
NVD VulDB
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-50271 HIGH This Week

A potential security vulnerability has been identified with HP-UX System Management Homepage (SMH). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure HP System Management Homepage
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-49824 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in PixelYourSite Product Catalog Feed by PixelYourSite.1.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Product Catalog Feed
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2023-49834 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in realmag777 FOX - Currency Switcher Professional for WooCommerce.4.1.4. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Fox Currency Switcher Professional For Woocommerce
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2023-49775 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Denis Kobozev CSV Importer.3.8. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Csv Importer
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-49769 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in SoftLab Integrate Google Drive.3.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google CSRF Integrate Google Drive
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-49751 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Ciprian Popescu Block for Font Awesome.4.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Block For Font Awesome
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-24380 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Webbjocke Simple Wp Sitemap.2.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Simple Wp Sitemap
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-49816 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in Innovative Solutions Fix My Feed RSS Repair.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Fix My Feed Rss Repair
NVD
CVSS 3.1
4.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy