CVE-2023-43194
Submitty before v22.06.00 is vulnerable to Incorrect Access Control. An attacker can delete any post in the forum by modifying request parameter.
Source: CVE-2023-43194
CVE-2023-43194
Submitty before v22.06.00 is vulnerable to Incorrect Access Control. An attacker can delete any post in the forum by modifying request parameter.
Source: CVE-2023-43194
CVE-2023-46352
In the module "Pixel Plus: Events + CAPI + Pixel Catalog for Facebook Module" (facebookconversiontrackingplus) up to version 2.4.9 from Smart Modules for PrestaShop, a guest can download personal information without restriction. Due to a lack of permissions control, a guest can access exports from the module which can lead to a leak of personal information from ps_customer table such as name / surname / email.
Source: CVE-2023-46352
CVE-2023-39057
An information leak in hirochanKAKIwaiting v13.6.1 allows attackers to obtain the channel access token and send crafted messages.
Source: CVE-2023-39057
CVE-2023-46958
An issue in lmxcms v.1.41 allows a remote attacker to execute arbitrary code via a crafted script to the admin.php file.
Source: CVE-2023-46958
CVE-2023-31579
Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the application via a crafted JWT token.
Source: CVE-2023-31579
CVE-2023-39050
An information leak in Daiky-value.Fukueten v13.6.1 allows attackers to obtain the channel access token and send crafted messages.
Source: CVE-2023-39050
CVE-2023-39047
An information leak in shouzu sweets oz v13.6.1 allows attackers to obtain the channel access token and send crafted messages.
Source: CVE-2023-39047
CVE-2023-39051
An information leak in VISION MEAT WORKS Track Diner 10/10mbl v13.6.1 allows attackers to obtain the channel access token and send crafted messages.
Source: CVE-2023-39051
CVE-2023-39053
An information leak in Hattoriya v13.6.1 allows attackers to obtain the channel access token and send crafted messages.
Source: CVE-2023-39053
CVE-2023-39054
An information leak in Tokudaya.ekimae_mc v13.6.1 allows attackers to obtain the channel access token and send crafted messages.
Source: CVE-2023-39054