Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2023-3956 — Instawp Instawp_connect: The InstaWP Connect plugin for WordPress is vulnerable to unauthorized access of data, modification
The InstaWP Connect plugin for WordPress is vulnerable to unauthorized access of data, modification of data and loss of data due to a missing capability check on the 'events_receiver' function in versions up to, and including, 0.0.9.18. This makes it possible for unauthenticated attackers to add, modify or delete post and taxonomy, install, activate or deactivate plugin, change customizer settings, add or modify or delete user including administrator user. CVSSv3.1 9.8 (CRITICAL) · EPSS 75th percentile
CVE-2023-35066 — Infodrom E-invoice_approval_system: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Infodrom Software E-Invoice Approval System allows SQL Injection.This issue affects E-Invoice Approval System: before v.20230701. CVSSv3.1 9.8 (CRITICAL) · EPSS 24th percentile
CVE-2023-3046 — Biltay Scienta: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Biltay Technology Scienta allows SQL Injection.This issue affects Scienta: before 20230630.1953. CVSSv3.1 9.8 (CRITICAL) · EPSS 24th percentile
Analysis of CVE-2023-3519 in Citrix ADC and NetScaler Gateway (Part 2)
Assetnote published part 2 of their technical analysis of CVE-2023-3519, a critical RCE vulnerability affecting Citrix ADC and NetScaler Gateway. The vulnerability has been exploited in the wild and represents a significant attack surface for organizations running these appliances.
Chaining our way to Pre-Auth RCE in Metabase (CVE-2023-38646)
Assetnote published a detailed writeup of CVE-2023-38646, a pre-authentication RCE vulnerability in Metabase achieved through vulnerability chaining. The exploit allows unauthenticated remote code execution on affected Metabase instances.
Advisory: Metabase Pre-Auth RCE (CVE-2023-38646)
Assetnote disclosed CVE-2023-38646, a pre-authentication remote code execution vulnerability in Metabase. The vulnerability allows unauthenticated attackers to execute arbitrary code on affected instances without requiring valid credentials.
CVE-2023-3713 — Metagauss Profilegrid: The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to
The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'profile_magic_check_smtp_connection' function in versions up to, and including, 5.5.1. This makes it possible for authenticated attackers, with subscriber-level permissions or above to update the site options arbitrarily. This can be used by attackers to achieve privilege escalation. CVSSv3.1 8.8 (HIGH) · EPSS 28th percentile
CVE-2023-2958 — Orjinyazilim Ats_pro: Authorization Bypass Through User-Controlled Key vulnerability in Origin Software ATS Pro allows Authentication Abuse
Authorization Bypass Through User-Controlled Key vulnerability in Origin Software ATS Pro allows Authentication Abuse, Authentication Bypass.This issue affects ATS Pro: before 20230714. CVSSv3.1 9.8 (CRITICAL) · EPSS 6th percentile
CVE-2023-3376 — Dijital Zekiweb: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Digital Strategy Zekiweb allows SQL Injection.This issue affects Zekiweb: before 2. CVSSv3.1 9.8 (CRITICAL) · EPSS 29th percentile
CVE-2023-2963 — Olivaekspertiz Oliva_ekspertiz: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Oliva Expertise Oliva Expertise EKS allows SQL Injection.This issue affects Oliva Expertise EKS: before 1.2. CVSSv3.1 9.8 (CRITICAL) · EPSS 29th percentile
CVE-2023-35070 — Vegagroup Web_collection: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VegaGroup Web Collection allows SQL Injection.This issue affects Web Collection: before 31197. CVSSv3.1 9.8 (CRITICAL) · EPSS 24th percentile
CVE-2023-2957 — Lisayazilim Florist_site: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Lisa Software Florist Site allows SQL Injection.This issue affects Florist Site: before 3.0. CVSSv3.1 9.8 (CRITICAL) · EPSS 24th percentile
CVE-2023-1547 — Elra Parkmatik: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Elra Parkmatik allows SQL Injection through SOAP Parameter Tampering, Command Line Execution through SQL Injection. This issue affects Parkmatik: before 02.01-a51. CVSSv3.1 9.8 (CRITICAL) · EPSS 28th percentile
CVE-2023-3343 — Wpeverest User_registration: The User Registration plugin for WordPress is vulnerable to PHP Object Injection in versions
The User Registration plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 3.0.1 via deserialization of untrusted input from the 'profile-pic-url' parameter. This allows authenticated attackers, with subscriber-level permissions and above, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to del CVSSv3.1 8.8 (HIGH) · EPSS 71th percentile
CVE-2023-3342 — Wpeverest User_registration: The User Registration plugin for WordPress is vulnerable to arbitrary file uploads due to
The User Registration plugin for WordPress is vulnerable to arbitrary file uploads due to a hardcoded encryption key and missing file type validation on the 'ur_upload_profile_pic' function in versions up to, and including, 3.0.2. This makes it possible for authenticated attackers with subscriber-level capabilities or above to upload arbitrary files on the affected site's server which may make remote code execution possible. This was partially patched in version 3.0.2 and ful CVSSv3.1 9.9 (CRITICAL) · EPSS 91th percentile
CVE-2023-33668 — Digiexam Digiexam: up to v14.0.2 lacks integrity checks for native modules, allowing attackers to access
DigiExam up to v14.0.2 lacks integrity checks for native modules, allowing attackers to access PII and takeover accounts on shared computers. CVSSv3.1 9.8 (CRITICAL) · EPSS 34th percentile
CVE-2023-3105 — Learndash Learndash: The LearnDash LMS plugin for WordPress is vulnerable to Insecure Direct Object References in
The LearnDash LMS plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.6.0. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for attackers with with existing account access at any level, to change user passwords and potentially take over administrator accounts. CVSSv3.1 8.8 (HIGH) · EPSS 18th percentile
CVE-2023-33150 — Microsoft 365_apps: Office Security Feature Bypass Vulnerability
Microsoft Office Security Feature Bypass Vulnerability CVSSv3.1 9.6 (CRITICAL) · EPSS 42th percentile
CVE-2023-3271 — Sick Icr890-4_firmware: Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to
Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and download data via the REST API by accessing unauthenticated endpoints. CVSSv3.1 8.2 (HIGH) · EPSS 44th percentile
CVE-2023-3045 — Tise Parking_web_report: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tise Technology Parking Web Report allows SQL Injection.This issue affects Parking Web Report: before 2.1. CVSSv3.1 9.8 (CRITICAL) · EPSS 24th percentile
CVE-2023-2852 — Softmedyazilim Selfpatron: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Softmed SelfPatron allows SQL Injection.This issue affects SelfPatron : before 2.0. CVSSv3.1 9.8 (CRITICAL) · EPSS 24th percentile
CVE-2023-2046 — Yontemizleme Vehicle_tracking_system: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yontem Informatics Vehicle Tracking System allows SQL Injection.This issue affects Vehicle Tracking System: before 8. CVSSv3.1 9.8 (CRITICAL) · EPSS 24th percentile
CVE-2022-42175 — Soluslabs Solusvm: Insecure Direct Object Reference vulnerability in WHMCS module SolusVM 1 4.1.2 allows an attacker
Insecure Direct Object Reference vulnerability in WHMCS module SolusVM 1 4.1.2 allows an attacker to change the password and hostname of other customer servers without authorization. CVSSv3.1 8.8 (HIGH) · EPSS 45th percentile
CVE-2021-4401 — Analogwp Style_kits: The Style Kits plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions
The Style Kits plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.0. This is due to missing or incorrect nonce validation on the update_posts_stylekit() function. This makes it possible for unauthenticated attackers to update style kits for posts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVSSv3.1 8.8 (HIGH) · EPSS 51th percentile
CVE-2023-36144 — Intelbras Sg_2404_mr_firmware: An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an
An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an unauthenticated attacker to download the backup file of the device, exposing critical information about the device configuration. CVSSv3.1 7.5 (HIGH) · EPSS 98th percentile