1961
|
9.8 |
CRITICAL
Network
dlink
|
dir-816_a2_firmware
|
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter statuscheckpppoeuser in dir_setWanWifi.
|
CWE-787
Out-of-bounds Write
|
CVE-2023-43236
|
2024-09-25 10:36 |
2023-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1962
|
9.8 |
CRITICAL
Network
icmsdev
|
icms
|
Insecure Permissions vulnerability in icmsdev iCMS v.7.0.16 allows a remote attacker to obtain sensitive information.
|
CWE-384
Session Fixation
|
CVE-2023-42322
|
2024-09-25 10:36 |
2023-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1963
|
5.4 |
MEDIUM
Network
|
digitaldruid
|
hoteldruid
|
A cross-site scripting (XSS) vulnerability in /hoteldruid/visualizza_contratto.php of Hoteldruid v3.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into t…
|
CWE-89
SQL Injection
|
CVE-2023-43377
|
2024-09-25 10:36 |
2023-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1964
|
5.4 |
MEDIUM
Network
|
digitaldruid
|
hoteldruid
|
A cross-site scripting (XSS) vulnerability in /hoteldruid/clienti.php of Hoteldruid v3.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the nometipota…
|
CWE-79
Cross-site Scripting
|
CVE-2023-43376
|
2024-09-25 10:36 |
2023-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1965
|
9.8 |
CRITICAL
Network
digitaldruid
|
hoteldruid
|
Hoteldruid v3.0.5 was discovered to contain multiple SQL injection vulnerabilities at /hoteldruid/clienti.php via the annonascita, annoscaddoc, giornonascita, giornoscaddoc, lingua_cli, mesenascita, …
|
CWE-89
SQL Injection
|
CVE-2023-43375
|
2024-09-25 10:36 |
2023-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1966
|
9.8 |
CRITICAL
Network
digitaldruid
|
hoteldruid
|
Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the id_utente_log parameter at /hoteldruid/personalizza.php.
|
CWE-89
SQL Injection
|
CVE-2023-43374
|
2024-09-25 10:36 |
2023-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1967
|
9.8 |
CRITICAL
Network
digitaldruid
|
hoteldruid
|
Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the n_utente_agg parameter at /hoteldruid/interconnessioni.php.
|
CWE-89
SQL Injection
|
CVE-2023-43373
|
2024-09-25 10:36 |
2023-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1968
|
9.8 |
CRITICAL
Network
digitaldruid
|
hoteldruid
|
Hoteldruid v3.0.5 was discovered to contain a SQL injection vulnerability via the numcaselle parameter at /hoteldruid/creaprezzi.php.
|
CWE-89
SQL Injection
|
CVE-2023-43371
|
2024-09-25 10:36 |
2023-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1969
|
8.1 |
HIGH
Network
|
jenkins
|
jenkins
|
In Jenkins 2.423 and earlier, LTS 2.414.1 and earlier, processing file uploads using MultipartFormDataParser creates temporary files in the default system temporary directory with the default permiss…
|
NVD-CWE-noinfo
|
CVE-2023-43498
|
2024-09-25 10:36 |
2023-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1970
|
9.8 |
CRITICAL
Network
dlink
|
dwl-6610ap_firmware
|
D-LINK DWL-6610 FW_v_4.3.0.8B003C was discovered to contain a command injection vulnerability in the function config_upload_handler. This vulnerability allows attackers to execute arbitrary commands …
|
CWE-77
Command Injection
|
CVE-2023-43207
|
2024-09-25 10:36 |
2023-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|