» 2023 » 7월

CVE-2023-3854

Posted on 2023년 7월 24일2023년 7월 24일 by admin

CVE-2023-3854

A vulnerability classified as critical has been found in phpscriptpoint BloodBank 1.1. Affected is an unknown function of the file /search of the component POST Parameter Handler. The manipulation of the argument country/city/blood_group_id leads to sql injection. It is possible to launch the attack remotely. VDB-235206 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Source: CVE-2023-3854

CVE-2023-3852

Posted on 2023년 7월 24일2023년 7월 24일 by admin

CVE-2023-3852

A vulnerability was found in OpenRapid RapidCMS up to 1.3.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/upload.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 4dff387283060961c362d50105ff8da8ea40bcbe. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-235204.

Source: CVE-2023-3852

CVE-2023-3850

Posted on 2023년 7월 23일2023년 7월 23일 by admin

CVE-2023-3850

A vulnerability has been found in SourceCodester Lost and Found Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=delete_category of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The identifier VDB-235201 was assigned to this vulnerability.

Source: CVE-2023-3850

CVE-2023-28133

Posted on 2023년 7월 23일2023년 7월 23일 by admin

CVE-2023-28133

Local privilege escalation in Checkpoint Endpoint Security (version E87.30) via crafted OpenSSL configuration file

Source: CVE-2023-28133

CVE-2023-3849

Posted on 2023년 7월 23일2023년 7월 23일 by admin

CVE-2023-3849

A vulnerability, which was classified as problematic, was found in mooSocial mooDating 1.2. Affected is an unknown function of the file /find-a-match of the component URL Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-235200. NOTE: We tried to contact the vendor early about the disclosure but the official mail address was not working properly.

Source: CVE-2023-3849

CVE-2023-3848

Posted on 2023년 7월 23일2023년 7월 23일 by admin

CVE-2023-3848

A vulnerability, which was classified as problematic, has been found in mooSocial mooDating 1.2. This issue affects some unknown processing of the file /users/view of the component URL Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-235199. NOTE: We tried to contact the vendor early about the disclosure but the official mail address was not working properly.

Source: CVE-2023-3848

CVE-2023-3847

Posted on 2023년 7월 23일2023년 7월 23일 by admin

CVE-2023-3847

A vulnerability classified as problematic was found in mooSocial mooDating 1.2. This vulnerability affects unknown code of the file /users of the component URL Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. VDB-235198 is the identifier assigned to this vulnerability. NOTE: We tried to contact the vendor early about the disclosure but the official mail address was not working properly.

Source: CVE-2023-3847

CVE-2023-3846

Posted on 2023년 7월 23일2023년 7월 23일 by admin

CVE-2023-3846

A vulnerability classified as problematic has been found in mooSocial mooDating 1.2. This affects an unknown part of the file /pages of the component URL Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The identifier VDB-235197 was assigned to this vulnerability. NOTE: We tried to contact the vendor early about the disclosure but the official mail address was not working properly.

Source: CVE-2023-3846

CVE-2023-3845

Posted on 2023년 7월 23일2023년 7월 23일 by admin

CVE-2023-3845

A vulnerability was found in mooSocial mooDating 1.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /friends/ajax_invite of the component URL Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-235196. NOTE: We tried to contact the vendor early about the disclosure but the official mail address was not working properly.

Source: CVE-2023-3845

CVE-2023-3844

Posted on 2023년 7월 23일2023년 7월 23일 by admin

CVE-2023-3844

A vulnerability was found in mooSocial mooDating 1.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /friends of the component URL Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-235195. NOTE: We tried to contact the vendor early about the disclosure but the official mail address was not working properly.

Source: CVE-2023-3844