CVE-2023-31061
Repetier Server through 1.4.10 does not have CSRF protection.
Source: CVE-2023-31061
CVE-2023-31060
Repetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise.
Source: CVE-2023-31060
CVE-2023-31059
Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php.
Source: CVE-2023-31059
CVE-2023-31056
CloverDX before 5.17.3 writes passwords to the audit log in certain situations, if the audit log is enabled and single sign-on is not employed. The fixed versions are 5.15.4, 5.16.2, 5.17.3, and 6.0.x.
Source: CVE-2023-31056
CVE-2023-23753
The ‘Visforms Base Package for Joomla 3’ extension is vulnerable to SQL Injection as concatenation is used to construct an SQL Query. An attacker can interact with the database and could be able to read, modify and delete data on it.
Source: CVE-2023-23753
CVE-2023-31043
EnterpriseDB EDB Postgres Advanced Server (EPAS) before 14.6.0 logs unredacted passwords in situations where optional parameters are used with CREATE/ALTER USER/GROUP/ROLE, and redacting was configured with edb_filter_log.redact_password_commands. The fixed versions are 10.23.33, 11.18.29, 12.13.17, 13.9.13, and 14.6.0.
Source: CVE-2023-31043
CVE-2023-2246
A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/ajax.php?action=save_settings. The manipulation of the argument img leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-227236.
Source: CVE-2023-2246
CVE-2023-22686
Cross-Site Request Forgery (CSRF) vulnerability in TriniTronic Nice PayPal Button Lite plugin <= 1.3.5 versions.
Source: CVE-2023-22686
CVE-2023-23879
Cross-Site Request Forgery (CSRF) vulnerability in Nicolas Zeh PHP Execution plugin <= 1.0.0 versions.
Source: CVE-2023-23879
CVE-2022-45074
Cross-Site Request Forgery (CSRF) vulnerability in Paramveer Singh for Arete IT Private Limited Activity Reactions For Buddypress plugin <= 1.0.22 versions.
Source: CVE-2022-45074