CVE-2023-29735
An issue found in edjing Mix v.7.09.01 for Android allows a local attacker to cause a denial of service via the database files.
Source: CVE-2023-29735
[월:] 2023년 05월
CVE-2023-31185
CVE-2023-31185
ROZCOM server framework – Misconfiguration may allow information disclosure via an unspecified request.
Source: CVE-2023-31185
CVE-2023-32218
CVE-2023-32218
Avaya IX Workforce Engagement v15.2.7.1195 – CWE-601: URL Redirection to Untrusted Site (‘Open Redirect’)
Source: CVE-2023-32218
CVE-2023-33177
CVE-2023-33177
Xibo is a content management system (CMS). A path traversal vulnerability exists in the Xibo CMS whereby a specially crafted zip file can be uploaded to the CMS via the layout import function by an authenticated user which would allow creation of files outside of the CMS library directory as the webserver user. This can be used to upload a PHP webshell inside the web root directory and achieve remote code execution as the webserver user. Users should upgrade to version 2.3.17 or 3.3.5, which fix this issue. Customers who host their CMS with Xibo Signage have already received an upgrade or patch to resolve this issue regardless of the CMS version that they are running.
Source: CVE-2023-33177
CVE-2023-23561
CVE-2023-23561
Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control: authenticated users can read sensitive information.
Source: CVE-2023-23561
CVE-2022-36246
CVE-2022-36246
Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Insecure Permissions.
Source: CVE-2022-36246
CVE-2022-47029
CVE-2022-47029
An issue was found in Action Launcher v50.5 allows an attacker to escalate privilege via modification of the intent string to function update.
Source: CVE-2022-47029
CVE-2022-36244
CVE-2022-36244
Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 suffers from Multiple Stored Cross-Site Scripting (XSS) vulnerabilities via Shop Beat Control Panel found at www.shopbeat.co.za controlpanel.shopbeat.co.za.
Source: CVE-2022-36244
CVE-2022-36243
CVE-2022-36243
Shop Beat Solutions (pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Directory Traversal via server.shopbeat.co.za. Information Exposure Through Directory Listing vulnerability in "studio" software of Shop Beat. This issue affects: Shop Beat studio studio versions prior to 3.2.57 on arm.
Source: CVE-2022-36243
CVE-2022-47028
CVE-2022-47028
An issue discovered in Action Launcher for Android v50.5 allows an attacker to cause a denial of service via arbitary data injection to function insert.
Source: CVE-2022-47028