2023-08-31
2023-08-31 06:15Z
HIGH

CVE-2023-2229 — Wpspeedx Rduplicator: The Quick Post Duplicator for WordPress is vulnerable to SQL Injection via the ‘post_id’

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-2229

The Quick Post Duplicator for WordPress is vulnerable to SQL Injection via the ‘post_id’ parameter in versions up to, and including, 2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with contributor-level privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. CVSSv3.1 8.8 (HIGH) · EPSS 50th percentile

CWECWE 89VNDWpspeedxVNDQuickTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2023-08-30
2023-08-30 02:15Z
CRIT

CVE-2023-4596 — Incsub Forminator: The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-4596

The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a file has been uploaded to the server in the upload_post_image() function in versions up to, and including, 1.24.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 9.8 (CRITICAL) · EPSS 100th percentile

CWECWE 434VNDIncsubVNDForminatorTYPVulnerability
9.8
CVSS v3.1
100
Edit Score
2023-08-29
2023-08-29 20:15Z
CRIT

CVE-2021-3262 — Trispark Novusedu: TripSpark VEO Transportation-2.2.x-XP_BB-20201123-184084 NovusEDU-2.2.x-XP_BB-20201123-184084 allows unsafe data inputs in POST body parameters from end

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2021-3262

TripSpark VEO Transportation-2.2.x-XP_BB-20201123-184084 NovusEDU-2.2.x-XP_BB-20201123-184084 allows unsafe data inputs in POST body parameters from end users without sanitizing using server-side logic. It was possible to inject custom SQL commands into the "Student Busing Information" search queries. CVSSv3.1 9.8 (CRITICAL) · EPSS 64th percentile

CWECWE 89VNDTrisparkVNDTripsparkTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2023-08-27
2023-08-27 22:00Z
HIGH

Leaking File Contents with a Blind File Oracle in Flarum

Assetnote·blog.assetnote.io

Assetnote published research on a blind file oracle vulnerability in Flarum that enables attackers to leak arbitrary file contents through a side-channel technique. The vulnerability allows an unauthenticated attacker to infer file existence and exfiltrate sensitive data without direct file access.

SRFApplicationTACTA0007SRFWebVNDFlarumTYPResearchTYPWriteupSTGDiscoverySTGExfil
72
Edit Score
2023-08-24
2023-08-24 23:15Z
HIGH

CVE-2023-32079 — Netmaker Netmaker: A Mass assignment vulnerability was found in versions prior to 0.17.1 and 0.18.6 that

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-32079

Netmaker makes networks with WireGuard. A Mass assignment vulnerability was found in versions prior to 0.17.1 and 0.18.6 that allows a non-admin user to escalate privileges to those of an admin user. The issue is patched in 0.17.1 and fixed in 0.18.6. If Users are using 0.17.1, they should run `docker pull gravitl/netmaker:v0.17.1` and `docker-compose up -d`. This will switch them to the patched users If users are using v0.18.0-0.18.5, they should upgrade to v0.18.6 or later. CVSSv3.1 8.8 (HIGH) · EPSS 68th percentile

CWECWE 915VNDNetmakerTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2023-08-24
2023-08-24 22:15Z
HIGH

CVE-2023-32077 — Netmaker Netmaker: makes networks with WireGuard.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-32077

Netmaker makes networks with WireGuard. Prior to versions 0.17.1 and 0.18.6, hardcoded DNS key usage has been found in Netmaker allowing unauth users to interact with DNS API endpoints. The issue is patched in 0.17.1 and fixed in 0.18.6. If users are using 0.17.1, they should run `docker pull gravitl/netmaker:v0.17.1` and `docker-compose up -d`. This will switch them to the patched users. If users are using v0.18.0-0.18.5, they should upgrade to v0.18.6 or later. As a workar CVSSv3.1 7.5 (HIGH) · EPSS 99th percentile

CWECWE 798CWECWE 321VNDNetmakerTYPVulnerability
7.5
CVSS v3.1
100
Edit Score
2023-08-23
2023-08-23 02:15Z
CRIT

CVE-2023-4404 — Wpcharitable Charitable: The Donation Forms by Charitable plugin for WordPress is vulnerable to privilege escalation in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-4404

The Donation Forms by Charitable plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.7.0.12 due to insufficient restriction on the 'update_core_user' function. This makes it possible for unauthenticated attackers to specify their user role by supplying the 'role' parameter during a registration. CVSSv3.1 9.8 (CRITICAL) · EPSS 48th percentile

CWECWE 269VNDWpcharitableVNDDonationTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
728 × 90 / responsive · programmatic ad slot
2023-08-21
2023-08-21 17:15Z
HIGH

CVE-2023-38836 — Boidcms Boidcms: File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-38836

File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks. CVSSv3.1 8.8 (HIGH) · EPSS 99th percentile

CWECWE 434VNDBoidcmsTYPVulnerability
8.8
CVSS v3.1
100
Edit Score
2023-08-21
2023-08-21 12:15Z
CRIT

CVE-2020-28715 — Leeco Letv_x43_firmware: An issue was discovered in kdmserver service in LeEco LeTV X43 version V2401RCN02C080080B04121S, allows

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2020-28715

An issue was discovered in kdmserver service in LeEco LeTV X43 version V2401RCN02C080080B04121S, allows attackers to execute arbitrary code, escalate privileges, and cause a denial of service (DoS). CVSSv3.1 9.8 (CRITICAL) · EPSS 51th percentile

VNDLeecoTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2023-08-21
2023-08-21 01:15Z
CRIT

CVE-2023-39809 — Nvki Intelligent_broadband_subscriber_gateway: (NVK) iBSG v3.5 was discovered to contain a command injection vulnerability via the system_hostname

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-39809

N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a command injection vulnerability via the system_hostname parameter at /manage/network-basic.php. CVSSv3.1 9.8 (CRITICAL) · EPSS 66th percentile

CWECWE 77VNDNvkiVNDInterTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2023-08-21
2023-08-21 01:15Z
CRIT

CVE-2023-39808 — Nvki Intelligent_broadband_subscriber_gateway: (NVK) iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-39808

N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login with root privileges via the SSH service. CVSSv3.1 9.8 (CRITICAL) · EPSS 41th percentile

CWECWE 798VNDNvkiVNDInterTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2023-08-21
2023-08-21 01:15Z
CRIT

CVE-2023-39807 — Nvki Intelligent_broadband_subscriber_gateway: (NVK) iBSG v3.5 was discovered to contain a SQL injection vulnerability via the a_passwd

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-39807

N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a SQL injection vulnerability via the a_passwd parameter at /portal/user-register.php. CVSSv3.1 9.8 (CRITICAL) · EPSS 40th percentile

CWECWE 89VNDNvkiVNDInterTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2023-08-16
2023-08-16 22:15Z
CRIT

CVE-2023-38894 — Tree_kit_project Tree_kit: A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-38894

A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function. CVSSv3.1 9.8 (CRITICAL) · EPSS 74th percentile

CWECWE 1321VNDPrototypeVNDTree Kit ProjectTYPVulnerability
9.8
CVSS v3.1
100
Edit Score
2023-08-16
2023-08-16 13:15Z
CRIT

CVE-2020-26037 — Evenbalance Punkbuster: Directory Traversal vulnerability in Server functionalty in Even Balance Punkbuster version 1.902 before 1.905

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2020-26037

Directory Traversal vulnerability in Server functionalty in Even Balance Punkbuster version 1.902 before 1.905 allows remote attackers to execute arbitrary code. CVSSv3.1 9.8 (CRITICAL) · EPSS 79th percentile

CWECWE 22VNDEvenbalanceTYPVulnerability
9.8
CVSS v3.1
100
Edit Score
2023-08-16
2023-08-16 05:15Z
HIGH

CVE-2023-3958 — Froger Wp_remote_users_sync: The WP Remote Users Sync plugin for WordPress is vulnerable to Server Side Request

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-3958

The WP Remote Users Sync plugin for WordPress is vulnerable to Server Side Request Forgery via the 'notify_ping_remote' AJAX function in versions up to, and including, 1.2.12. This can allow authenticated attackers with subscriber-level permissions or above to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. This was partially patched in version 1.2.12 and fully patched in ver CVSSv3.1 8.5 (HIGH) · EPSS 38th percentile

CWECWE 918VNDFrogerTYPVulnerability
8.5
CVSS v3.1
93
Edit Score
2023-08-15
2023-08-15 09:15Z
HIGH

CVE-2023-2916 — Revmakx Infinitewp_client: The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive Information Exposure in versions

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-2916

The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.11.1 via the 'admin_notice' function. This can allow authenticated attackers with subscriber-level permissions or above to extract sensitive data including configuration. It can only be exploited if the plugin has not been configured yet. If combined with another arbitrary plugin installation and activation vulnerability, it may be possible to connect CVSSv3.1 7.5 (HIGH) · EPSS 97th percentile

CWECWE 200CWECWE 668VNDRevmakxVNDInfinitewpTYPVulnerability
7.5
CVSS v3.1
96
Edit Score
2023-08-14
2023-08-14 13:15Z
CRIT

CVE-2023-30187 — Onlyoffice Document_server: An out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-30187

An out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file. CVSSv3.1 9.8 (CRITICAL) · EPSS 77th percentile

CWECWE 787VNDOnlyofficeTYPVulnerability
9.8
CVSS v3.1
100
Edit Score
2023-08-14
2023-08-14 13:15Z
CRIT

CVE-2023-30186 — Onlyoffice Document_server: A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-30186

A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file. CVSSv3.1 9.8 (CRITICAL) · EPSS 76th percentile

CWECWE 416VNDOnlyofficeTYPVulnerability
9.8
CVSS v3.1
100
Edit Score
2023-08-14
2023-08-14 12:15Z
CRIT

CVE-2023-37847 — Xxyopen Novel-plus: v3.6.2 was discovered to contain a SQL injection vulnerability.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-37847

novel-plus v3.6.2 was discovered to contain a SQL injection vulnerability. CVSSv3.1 9.8 (CRITICAL) · EPSS 47th percentile

CWECWE 89VNDXxyopenTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2023-08-12
2023-08-12 08:15Z
HIGH

CVE-2023-4293 — Wpdownloadmanager Premium_packages_-_sell_digital_products_securely: The Premium Packages - Sell Digital Products Securely plugin for WordPress is vulnerable to

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-4293

The Premium Packages - Sell Digital Products Securely plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.7.4 due to insufficient restriction on the 'wpdmpp_update_profile' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'profile[role]' parameter during a profile update. CVSSv3.1 8.8 (HIGH) · EPSS 42th percentile

CWECWE 269VNDWpdownloadmanagerVNDPremiumTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2023-08-12
2023-08-12 03:15Z
CRIT

CVE-2023-3452 — Canto Canto: The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-3452

The Canto plugin for WordPress is vulnerable to Remote File Inclusion in versions up to, and including, 3.0.4 via the 'wp_abspath' parameter. This allows unauthenticated attackers to include and execute arbitrary remote code on the server, provided that allow_url_include is enabled. Local File Inclusion is also possible, albeit less useful because it requires that the attacker be able to upload a malicious php file via FTP or some other means into a directory readable by the CVSSv3.1 9.8 (CRITICAL) · EPSS 99th percentile

CWECWE 98VNDCantoTYPVulnerability
9.8
CVSS v3.1
100
Edit Score
2023-08-10
2023-08-10 20:15Z
CRIT

CVE-2023-39806 — Idreamsoft Icms: v7.0.16 was discovered to contain a SQL injection vulnerability via the bakupdata function.

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-39806

iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the bakupdata function. CVSSv3.1 9.8 (CRITICAL) · EPSS 44th percentile

CWECWE 89VNDIdreamsoftTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2023-08-10
2023-08-10 20:15Z
CRIT

CVE-2023-39805 — Idreamsoft Icms: v7.0.16 was discovered to contain a SQL injection vulnerability via the where parameter

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-39805

iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the where parameter at admincp.php. CVSSv3.1 9.8 (CRITICAL) · EPSS 44th percentile

CWECWE 89VNDIdreamsoftTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2023-08-10
2023-08-10 07:15Z
HIGH

CVE-2023-4277 — Pragmaticmates Realia: The Realia plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-4277

The Realia plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4.0. This is due to missing nonce validation on the 'process_change_profile_form' function. This makes it possible for unauthenticated attackers to change user email via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVSSv3.1 8.8 (HIGH) · EPSS 21th percentile

CWECWE 352VNDPragmaticmatesVNDRealiaTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2023-08-10
2023-08-10 07:15Z
HIGH

CVE-2023-4276 — Johnkolbert Absolute_privacy: The Absolute Privacy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-4276

The Absolute Privacy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1. This is due to missing nonce validation on the 'abpr_profileShortcode' function. This makes it possible for unauthenticated attackers to change user email and password via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVSSv3.1 8.8 (HIGH) · EPSS 26th percentile

CWECWE 352VNDJohnkolbertVNDAbsoluteTYPVulnerability
8.8
CVSS v3.1
94
Edit Score