Skip to main content
CVE-2023-50250 MEDIUM POC This Month

Cacti is an open source operational monitoring and fault management framework. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Cacti
NVD GitHub
CVSS 3.1
6.1
EPSS
1.3%
CVE-2023-7075 MEDIUM POC This Month

A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0 and classified as problematic. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Point Of Sales And Inventory Management System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-7057 MEDIUM POC This Month

A vulnerability, which was classified as problematic, has been found in code-projects Faculty Management System 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Faculty Management System
NVD VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-51704 MEDIUM POC This Month

An issue was discovered in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Mediawiki
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2023-7059 MEDIUM POC This Month

A vulnerability was found in SourceCodester School Visitor Log e-Book 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS School Visitor Log E Book
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-7056 MEDIUM POC This Month

A vulnerability classified as problematic was found in code-projects Faculty Management System 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Faculty Management System
NVD VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-7055 MEDIUM POC This Month

A vulnerability classified as problematic has been found in PHPGurukul Online Notes Sharing System 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Authentication Bypass Online Notes Sharing System
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-7054 MEDIUM POC This Month

A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Online Notes Sharing System
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-49086 MEDIUM POC PATCH This Month

Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database (TSDB). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP XSS Cacti
NVD GitHub
CVSS 3.1
5.4
EPSS
1.5%
CVE-2023-50259 MEDIUM POC PATCH This Month

Medusa is an automatic video library manager for TV shows. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SSRF Medusa
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2023-50258 MEDIUM POC This Month

Medusa is an automatic video library manager for TV shows. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Medusa
NVD GitHub
CVSS 3.1
5.3
EPSS
0.7%
CVE-2023-49088 MEDIUM POC This Month

Cacti is an open source operational monitoring and fault management framework. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Cacti
NVD GitHub
CVSS 3.1
4.8
EPSS
1.3%
CVE-2023-7052 MEDIUM POC This Month

A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Online Notes Sharing System
NVD GitHub VulDB
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-43088 MEDIUM This Month

Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Dell Precision 7865 Tower Firmware
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2023-39251 MEDIUM This Month

Dell BIOS contains an Improper Input Validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Dell Inspiron 7510 Firmware Inspiron 7610 Firmware Latitude 5430 Rugged Firmware +10
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-48308 MEDIUM PATCH This Month

Nextcloud/Cloud is a calendar app for Nextcloud. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Nextcloud Calendar
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2023-50727 MEDIUM PATCH This Month

Resque is a Redis-backed Ruby library for creating background jobs, placing them on multiple queues, and processing them later. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Redis XSS Resque
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-50725 MEDIUM PATCH This Month

Resque is a Redis-backed Ruby library for creating background jobs, placing them on multiple queues, and processing them later. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Redis XSS Resque
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-7076 MEDIUM PATCH This Month

A vulnerability was found in slawkens MyAAC up to 0.8.13. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

PHP XSS Myaac
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-45165 MEDIUM This Month

IBM AIX 7.2 and 7.3 could allow a non-privileged local user to exploit a vulnerability in the AIX SMB client to cause a denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service IBM Aix
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2023-50924 MEDIUM PATCH This Month

Englesystem is a shift planning system for chaos events. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Engelsystem
NVD GitHub
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-50712 MEDIUM This Month

Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Authentication Bypass Iris
NVD GitHub
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-49791 MEDIUM PATCH This Month

Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Nextcloud Nextcloud Server
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-45957 MEDIUM PATCH This Month

A stored cross-site scripting (XSS) vulnerability in the component admin/AdminRequestSqlController.php of thirty bees before 1.5.0 allows attackers to execute arbitrary web script or HTML via. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

PHP XSS Thirty Bees
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-51451 MEDIUM PATCH This Month

Symbolicator is a service used in Sentry. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Symbolicator
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
CVE-2023-51649 MEDIUM PATCH This Month

Nautobot is a Network Source of Truth and Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Python PostgreSQL Authentication Bypass Nautobot
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-49790 MEDIUM PATCH This Month

The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Apple Authentication Bypass Nextcloud
NVD GitHub
CVSS 3.1
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy