1881
|
9.8 |
CRITICAL
Network
dedebiz
|
dedebiz
|
DedeBIZ v6.2.11 was discovered to contain multiple remote code execution (RCE) vulnerabilities at /admin/file_manage_control.php via the $activepath and $filename parameters.
|
NVD-CWE-noinfo
|
CVE-2023-43234
|
2024-09-25 10:36 |
2023-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1882
|
9.8 |
CRITICAL
Network
seacms
|
seacms
|
SeaCMS v12.8 has an arbitrary code writing vulnerability in the /jxz7g2/admin_ping.php file.
|
NVD-CWE-noinfo
|
CVE-2023-43222
|
2024-09-25 10:36 |
2023-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1883
|
9.8 |
CRITICAL
Network
seacms
|
seacms
|
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin_ip.php.
|
NVD-CWE-noinfo
|
CVE-2023-43216
|
2024-09-25 10:36 |
2023-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1884
|
7.8 |
HIGH
Local
|
apple
|
macos iphone_os watchos tvos ipados
|
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonom…
|
NVD-CWE-noinfo
|
CVE-2023-41984
|
2024-09-25 10:36 |
2023-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1885
|
7.5 |
HIGH
Network
huawei
|
harmonyos emui
|
Screenshot vulnerability in the input module. Successful exploitation of this vulnerability may affect confidentiality.
|
NVD-CWE-noinfo
|
CVE-2023-41308
|
2024-09-25 10:36 |
2023-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1886
|
9.8 |
CRITICAL
Network
oretnom23
|
service_provider_management_system
|
An issue in Service Provider Management System v.1.0 allows a remote attacker to gain privileges via the ID parameter in the /php-spms/admin/?page=user/ endpoint.
|
NVD-CWE-noinfo
|
CVE-2023-43457
|
2024-09-25 10:36 |
2023-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1887
|
6.1 |
MEDIUM
Network
|
froala
|
froala_editor
|
Cross-site scripting (XSS) vulnerability in Froala Froala Editor v.4.1.1 allows remote attackers to execute arbitrary code via the 'Insert link' parameter in the 'Insert Image' component.
|
CWE-79
Cross-site Scripting
|
CVE-2023-42426
|
2024-09-25 10:36 |
2023-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1888
|
5.4 |
MEDIUM
Network
|
resort_reservation_system_project
|
resort_reservation_system
|
Cross Site Scripting (XSS) vulnerability in Resort Reservation System v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the room, name, and description par…
|
CWE-79
Cross-site Scripting
|
CVE-2023-43458
|
2024-09-25 10:36 |
2023-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1889
|
9.8 |
CRITICAL
Network
totolink
|
a3700r_firmware n600r_firmware
|
TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control.
|
NVD-CWE-Other
|
CVE-2023-43141
|
2024-09-25 10:36 |
2023-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1890
|
9.8 |
CRITICAL
Network
maxiguvenlik
|
general_device_manager
|
General Device Manager 2.5.2.2 is vulnerable to Buffer Overflow.
|
CWE-120
Classic Buffer Overflow
|
CVE-2023-43131
|
2024-09-25 10:36 |
2023-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|