CVE-2023-26612
D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo.
Source: CVE-2023-26612
[월:] 2023년 06월
CVE-2015-1313
CVE-2015-1313
JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be deduced by reading HTML and JavaScript files that are returned to the web browser after an initial unauthenticated request.
Source: CVE-2015-1313
CVE-2023-34598
CVE-2023-34598
Gibbon v25.0.0 is vulnerable to a Local File Inclusion (LFI) where it’s possible to include the content of several files present in the installation folder in the server’s response.
Source: CVE-2023-34598
CVE-2023-34849
CVE-2023-34849
An unauthorized command injection vulnerability exists in the ActionLogin function of the webman.lua file in Ikuai router OS through 3.7.1.
Source: CVE-2023-34849
CVE-2023-34844
CVE-2023-34844
Play With Docker < 0.0.2 has an insecure CAP_SYS_ADMIN privileged mode causing the docker container to escape.
Source: CVE-2023-34844
CVE-2023-34599
CVE-2023-34599
Multiple Cross-Site Scripting (XSS) vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code.
Source: CVE-2023-34599
CVE-2023-33466
CVE-2023-33466
Orthanc before 1.12.0 allows authenticated users with access to the Orthanc API to overwrite arbitrary files on the file system, and in specific deployment scenarios allows the attacker to overwrite the configuration, which can be exploited to trigger Remote Code Execution (RCE).
Source: CVE-2023-33466
CVE-2023-34656
CVE-2023-34656
An issue was discovered with the JSESSION IDs in Xiamen Si Xin Communication Technology Video management system 3.1 thru 4.1 allows attackers to gain escalated privileges.
Source: CVE-2023-34656
CVE-2023-34486
CVE-2023-34486
itsourcecode Online Hotel Management System Project In PHP v1.0.0 is vulnerable to Cross Site Scripting (XSS). Remote code execution can be achieved by entering malicious code in the date selection box.
Source: CVE-2023-34486
CVE-2023-34487
CVE-2023-34487
itsourcecode Online Hotel Management System Project In PHP v1.0.0 is vulnerable to SQL Injection. SQL injection points exist in the login password input box. This vulnerability can be exploited through time-based blind injection.
Source: CVE-2023-34487