CVE-2023-0882
Improper Input Validation, Authorization Bypass Through User-Controlled Key vulnerability in Kron Tech Single Connect on Windows allows Privilege Abuse.This issue affects Single Connect: 2.16.
Source: CVE-2023-0882
[월:] 2023년 02월
CVE-2023-0887
CVE-2023-0887
A vulnerability was found in phjounin TFTPD64-SE 4.64 and classified as critical. This issue affects some unknown processing of the file tftpd64_svc.exe. The manipulation leads to unquoted search path. An attack has to be approached locally. The associated identifier of this vulnerability is VDB-221351.
Source: CVE-2023-0887
CVE-2023-0883
CVE-2023-0883
A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file /php-opos/index.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221350 is the identifier assigned to this vulnerability.
Source: CVE-2023-0883
CVE-2023-24221
CVE-2023-24221
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/DeptMapper.xml.
Source: CVE-2023-24221
CVE-2023-24219
CVE-2023-24219
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/UserMapper.xml.
Source: CVE-2023-24219
CVE-2023-24078
CVE-2023-24078
Real Time Logic FuguHub v8.1 and earlier was discovered to contain a remote code execution (RCE) vulnerability via the component /FuguHub/cmsdocs/.
Source: CVE-2023-24078
CVE-2023-24220
CVE-2023-24220
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/RoleMapper.xml.
Source: CVE-2023-24220
CVE-2023-23695
CVE-2023-23695
Dell Secure Connect Gateway (SCG) version 5.14.00.12 contains a broken cryptographic algorithm vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information.
Source: CVE-2023-23695
CVE-2023-0880
CVE-2023-0880
Misinterpretation of Input in GitHub repository thorsten/phpmyfaq prior to 3.1.11.
Source: CVE-2023-0880
CVE-2023-0879
CVE-2023-0879
Cross-site Scripting (XSS) – Stored in GitHub repository btcpayserver/btcpayserver prior to 1.7.12.
Source: CVE-2023-0879