CVE-2023-33440
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval/ajax.php?action=save_user.
Source: CVE-2023-33440
CVE-2023-33440
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to arbitrary code execution via /eval/ajax.php?action=save_user.
Source: CVE-2023-33440
CVE-2023-33439
Sourcecodester Faculty Evaluation System v1.0 is vulnerable to SQL Injection via /eval/admin/manage_task.php?id=.
Source: CVE-2023-33439
CVE-2023-33394
skycaiji v2.5.4 is vulnerable to Cross Site Scripting (XSS). Attackers can achieve backend XSS by deploying malicious JSON data.
Source: CVE-2023-33394
CVE-2023-32964
Cross-Site Request Forgery (CSRF) vulnerability in Made with Fuel Better Notifications for WP plugin <=Â 1.9.2 versions.
Source: CVE-2023-32964
CVE-2023-29098
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ArtistScope CopySafe Web Protection plugin <=Â 3.13 versions.
Source: CVE-2023-29098
CVE-2023-30145
Camaleon CMS v2.7.0 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the formats parameter.
Source: CVE-2023-30145
CVE-2023-25467
Cross-Site Request Forgery (CSRF) vulnerability in Daniel Mores, A. Huizinga Resize at Upload Plus plugin <=Â 1.3 versions.
Source: CVE-2023-25467
CVE-2023-25058
Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Schema – All In One Schema Rich Snippets plugin <= 1.6.5 versions.
Source: CVE-2023-25058
CVE-2023-25034
Cross-Site Request Forgery (CSRF) vulnerability in BoLiQuan WP Clean Up plugin <=Â 1.2.3 versions.
Source: CVE-2023-25034
CVE-2022-46945
Nagvis before 1.9.34 was discovered to contain an arbitrary file read vulnerability via the component /core/classes/NagVisHoverUrl.php.
Source: CVE-2022-46945