CVE-2023-31587
Tenda AC5 router V15.03.06.28 was discovered to contain a remote code execution (RCE) vulnerability via the Mac parameter at ip/goform/WriteFacMac.
Source: CVE-2023-31587
[월:] 2023년 05월
CVE-2023-31519
CVE-2023-31519
Pharmacy Management System v1.0 was discovered to contain a SQL injection vulnerability via the email parameter at login_core.php.
Source: CVE-2023-31519
CVE-2023-29439
CVE-2023-29439
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FooPlugins FooGallery plugin <=Â 2.2.35 versions.
Source: CVE-2023-29439
CVE-2023-31576
CVE-2023-31576
An arbitrary file upload vulnerability in Serendipity 2.4-beta1 allows attackers to execute arbitrary code via a crafted HTML or Javascript file.
Source: CVE-2023-31576
CVE-2023-31572
CVE-2023-31572
An issue in Bludit 4.0.0-rc-2 allows authenticated attackers to change the Administrator password and escalate privileges via a crafted request.
Source: CVE-2023-31572
CVE-2023-2730
CVE-2023-2730
Cross-site Scripting (XSS) – Stored in GitHub repository pimcore/pimcore prior to 10.3.3.
Source: CVE-2023-2730
CVE-2023-23720
CVE-2023-23720
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NetReviews SAS Verified Reviews (Avis Vérifiés) plugin <= 2.3.13 versions.
Source: CVE-2023-23720
CVE-2023-23703
CVE-2023-23703
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Tyche Softwares Arconix Shortcodes plugin <=Â 2.1.7 versions.
Source: CVE-2023-23703
CVE-2023-23709
CVE-2023-23709
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Denis WPJAM Basic plugin <=Â 6.2.1 versions.
Source: CVE-2023-23709
CVE-2023-23641
CVE-2023-23641
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WPmanage Uji Popup plugin <=Â 1.4.3 versions.
Source: CVE-2023-23641