Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2022-37830 — Webjet Webjet_cms: Interway a.s WebJET CMS 8.6.896 is vulnerable to Cross Site Scripting (XSS).
Interway a.s WebJET CMS 8.6.896 is vulnerable to Cross Site Scripting (XSS). CVSSv3.1 9.6 (CRITICAL) · EPSS 47th percentile
CVE-2023-5241 — Quantumcloud Wpbot: The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to
The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 as well as 4.9.2 via the qcld_openai_upload_pagetraining_file function. This allows subscriber-level attackers to append "<?php" to any existing file on the server resulting in potential DoS when appended to critical files such as wp-config.php. CVSSv3.1 9.6 (CRITICAL) · EPSS 85th percentile
CVE-2023-5212 — Quantumcloud Wpbot: The AI ChatBot plugin for WordPress is vulnerable to Arbitrary File Deletion in versions
The AI ChatBot plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 4.8.9 as well as version 4.9.2. This makes it possible for authenticated attackers with subscriber privileges to delete arbitrary files on the server, which makes it possible to take over affected sites as well as others sharing the same hosting account. Version 4.9.1 originally addressed the issue, but it was reintroduced in 4.9.2 and fixed again in 4.9.3. CVSSv3.1 9.6 (CRITICAL) · EPSS 54th percentile
CVE-2023-5204 — Quantumcloud Wpbot: The ChatBot plugin for WordPress is vulnerable to SQL Injection via the $strid parameter
The ChatBot plugin for WordPress is vulnerable to SQL Injection via the $strid parameter in versions up to, and including, 4.8.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. CVSSv3.1 9.8 (CRITICAL) · EPSS 99th percentile
CVE-2023-5336 — Ipanorama_360_wordpress_virtual_tour_builder_project Ipanorama_360_wordpress_virtual_tour_builder: The iPanorama 360 – WordPress Virtual Tour Builder plugin for WordPress is vulnerable
The iPanorama 360 – WordPress Virtual Tour Builder plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 1.8.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with contributor-level and above permissions to append additional SQL queries into already existing queries that can be used to extract s CVSSv3.1 8.8 (HIGH) · EPSS 36th percentile
CVE-2023-38545 — Haxx Libcurl: When curl is asked to pass along the host name to the SOCKS5 proxy
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved address only. Due to this bug, the local variable that means "let the host reso CVSSv3.1 9.8 (CRITICAL) · EPSS 96th percentile
CVE-2023-5046 — Biltay Procost: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Biltay Technology Procost allows SQL Injection, Command Line Execution through SQL Injection. This issue affects Procost: before 1390. CVSSv3.1 9.8 (CRITICAL) · EPSS 21th percentile
CVE-2023-5045 — Biltay Kayisi: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Biltay Technology Kayisi allows SQL Injection, Command Line Execution through SQL Injection. This issue affects Kayisi: before 1286. CVSSv3.1 9.8 (CRITICAL) · EPSS 21th percentile
CVE-2023-44487 — Ietf Http: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVSSv3.1 7.5 (HIGH) · EPSS 100th percentile
CVE-2023-45199 — Trustedfirmware Mbed_tls: Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead
Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution. CVSSv3.1 9.8 (CRITICAL) · EPSS 93th percentile
CVE-2023-4530 — Turnatasarim Advertising_administration_panel: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Turna Advertising Administration Panel allows SQL Injection. This issue affects Advertising Administration Panel: before 1.1. CVSSv3.1 9.8 (CRITICAL) · EPSS 20th percentile
CVE-2023-44208 — Acronis Cyber_protect_home_office: Sensitive information disclosure and manipulation due to missing authorization.
Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713, Acronis True Image OEM (Windows) before build 42575. CVSSv3.1 9.1 (CRITICAL) · EPSS 37th percentile
CVE-2023-43261 — Milesight Ur5x_firmware: An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers
An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components. CVSSv3.1 7.5 (HIGH) · EPSS 99th percentile
RCE in Progress WS_FTP Ad Hoc via IIS HTTP Modules (CVE-2023-40044)
Progress WS_FTP Ad Hoc contains a remote code execution vulnerability (CVE-2023-40044) exploitable through IIS HTTP modules. The vulnerability allows unauthenticated attackers to achieve RCE on affected systems running the vulnerable WS_FTP Ad Hoc product.
CVE-2023-43176 — Afterlogic Aurora_files: A deserialization vulnerability in Afterlogic Aurora Files v9.7.3 allows attackers to execute arbitrary code
A deserialization vulnerability in Afterlogic Aurora Files v9.7.3 allows attackers to execute arbitrary code via supplying a crafted .sabredav file. CVSSv3.1 8.8 (HIGH) · EPSS 75th percentile
CVE-2023-4911 — Netapp Bootstrap_os: A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. CVSSv3.1 7.8 (HIGH) · EPSS 99th percentile
v1.0.0
NetExec v1.0.0 released as a stable baseline version following the project rename. The release includes bug fixes for WMI admin checks, WinRM conditions, WebDAV module exception handling, LDAP logging crashes, and encoding errors. Windows binaries are now provided alongside the traditional Linux installation method.
CVE-2023-5201 — Rickbeckman Openhook: The OpenHook plugin for WordPress is vulnerable to Remote Code Execution in versions up
The OpenHook plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.3.0 via the 'php' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to execute code on the server. This requires the [php] shortcode setting to be enabled on the vulnerable site. CVSSv3.1 9.9 (CRITICAL) · EPSS 92th percentile
CVE-2023-41450 — Phpkobo Ajaxnewsticker: An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code
An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter. CVSSv3.1 8.8 (HIGH) · EPSS 68th percentile
CVE-2023-41452 — Phpkobo Ajaxnewsticker: Cross Site Request Forgery vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to
Cross Site Request Forgery vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component. CVSSv3.1 8.8 (HIGH) · EPSS 44th percentile
CVE-2023-41449 — Phpkobo Ajaxnewsticker: An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code
An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter. CVSSv3.1 9.8 (CRITICAL) · EPSS 71th percentile
Volatility 3 2.5.0
Volatility 3 version 2.5.0 released with new Linux capabilities plugin, Linux process dumping support, Xen ELF file format support, and improved Linux subsystem support. Release includes documentation tutorials and core API improvements.
CVE-2023-4934 — Usta Aybs: Authorization Bypass Through User-Controlled Key vulnerability in Usta AYBS allows Authentication Abuse, Authentication Bypass.
Authorization Bypass Through User-Controlled Key vulnerability in Usta AYBS allows Authentication Abuse, Authentication Bypass. This issue affects AYBS: before 1.0.3. CVSSv3.1 8.8 (HIGH) · EPSS 22th percentile
CVE-2023-4737 — Hedeftakip Admin_portal: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Hedef Tracking Admin Panel allows SQL Injection. This issue affects Admin Panel: before 1.2. CVSSv3.1 9.8 (CRITICAL) · EPSS 37th percentile
CVE-2023-43234 — Dedebiz Dedebiz: v6.2.11 was discovered to contain multiple remote code execution (RCE) vulnerabilities at /admin/file_manage_control.php
DedeBIZ v6.2.11 was discovered to contain multiple remote code execution (RCE) vulnerabilities at /admin/file_manage_control.php via the $activepath and $filename parameters. CVSSv3.1 9.8 (CRITICAL) · EPSS 59th percentile