Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2023-6098 An XSS vulnerability has been discovered in ICS Business Manager affecting version 7.06.0028.7066. A remote attacker could send a specially crafted string exploiting the obdd_act parameter, allowing t... | 6.3 | MEDIUM | — | 0 |
| CVE-2023-48068 DedeCMS v6.2 was discovered to contain a Cross-site Scripting (XSS) vulnerability via spec_add.php. | 5.4 | MEDIUM | — | 0 |
| CVE-2023-6099 A vulnerability classified as critical has been found in Shenzhen Youkate Industrial Facial Love Cloud Payment System up to 1.0.55.0.0.1. This affects an unknown part of the file /SystemMng.ashx of th... | 7.3 | HIGH | — | 0 |
| CVE-2023-6100 A vulnerability classified as problematic was found in Maiwei Safety Production Control Platform 4.1. This vulnerability affects unknown code of the file /api/DataDictionary/GetItemList. The manipulat... | 5.3 | MEDIUM | — | 0 |
| CVE-2023-6101 A vulnerability, which was classified as problematic, has been found in Maiwei Safety Production Control Platform 4.1. This issue affects some unknown processing of the file /TC/V2.7/ha.html of the co... | 5.3 | MEDIUM | — | 0 |
| CVE-2023-35877 Cross-Site Request Forgery (CSRF) vulnerability in Vadym K. Extra User Details allows Stored XSS.This issue affects Extra User Details: from n/a through 0.5. | 7.1 | HIGH | — | 0 |
| CVE-2023-39166 Cross-Site Request Forgery (CSRF) vulnerability in tagDiv tagDiv Composer allows Cross-Site Scripting (XSS).This issue affects tagDiv Composer: from n/a before 4.4. | 7.1 | HIGH | — | 0 |
| CVE-2023-31230 Cross-Site Request Forgery (CSRF) vulnerability in Haoqisir Baidu Tongji generator allows Stored XSS.This issue affects Baidu Tongji generator: from n/a through 1.0.2. | 7.1 | HIGH | — | 0 |
| CVE-2023-32123 Cross-Site Request Forgery (CSRF) vulnerability in Dream-Theme The7 allows Stored XSS.This issue affects The7: from n/a through 11.7.3. | 7.1 | HIGH | — | 0 |
| CVE-2023-6102 A vulnerability, which was classified as problematic, was found in Maiwei Safety Production Control Platform 4.1. Affected is an unknown function of the file /Content/Plugins/uploader/FileChoose.html?... | 5.3 | MEDIUM | — | 0 |
| CVE-2023-46015 Cross Site Scripting (XSS) vulnerability in index.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via 'msg' parameter in application URL. | 6.1 | MEDIUM | — | 0 |
| CVE-2023-6103 A vulnerability has been found in Intelbras RX 1500 1.1.9 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /WiFi.html of the component SSID Handler... | 2.4 | LOW | — | 0 |
| CVE-2023-47621 Guest Entries is a php library which allows users to create, update & delete entries from the front-end of a site. In affected versions the file uploads feature did not prevent the upload of PHP files... | 8.8 | HIGH | — | 0 |
| CVE-2023-42813 Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerable component in Kyvernos Notar... | 6.1 | MEDIUM | — | 0 |
| CVE-2023-42814 Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerable component in Kyvernos Notar... | 3.1 | LOW | — | 0 |
| CVE-2023-46016 Cross Site Scripting (XSS) in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'search' parameter in the application URL. | 6.1 | MEDIUM | — | 0 |
| CVE-2023-42815 Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerability was in Kyvernos Notary v... | 3.1 | LOW | — | 0 |
| CVE-2023-42816 Kyverno is a policy engine designed for Kubernetes. A security vulnerability was found in Kyverno where an attacker could cause denial of service of Kyverno. The vulnerability was in Kyvernos Notary v... | 6.1 | MEDIUM | — | 0 |
| CVE-2023-47117 Label Studio is an open source data labeling tool. In all current versions of Label Studio prior to 1.9.2post0, the application allows users to insecurely set filters for filtering tasks. An attacker ... | 7.5 | HIGH | — | 0 |
| CVE-2023-47625 PX4 autopilot is a flight control solution for drones. In affected versions a global buffer overflow vulnerability exists in the CrsfParser_TryParseCrsfPacket function in /src/drivers/rc/crsf_rc/CrsfP... | 2.9 | LOW | — | 0 |
| CVE-2023-46014 SQL Injection vulnerability in hospitalLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'hemail' and 'hpassword' parameters. | 5.5 | MEDIUM | — | 0 |
| CVE-2023-46017 SQL Injection vulnerability in receiverLogin.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary SQL commands via 'remail' and 'rpassword' parameters. | 5.5 | MEDIUM | — | 0 |
| CVE-2023-46018 SQL injection vulnerability in receiverReg.php in Code-Projects Blood Bank 1.0 \allows attackers to run arbitrary SQL commands via 'remail' parameter. | 5.5 | MEDIUM | — | 0 |
| CVE-2023-47346 Buffer Overflow vulnerability in free5gc 3.3.0, UPF 1.2.0, and SMF 1.2.0 allows attackers to cause a denial of service via crafted PFCP messages. | 7.5 | HIGH | — | 0 |
| CVE-2023-46019 Cross Site Scripting (XSS) vulnerability in abs.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'error' parameter. | 6.1 | MEDIUM | — | 0 |
| CVE-2023-46020 Cross Site Scripting (XSS) in updateprofile.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary code via the 'rename', 'remail', 'rphone' and 'rcity' parameters. | 6.1 | MEDIUM | — | 0 |
| CVE-2023-46021 SQL Injection vulnerability in cancel.php in Code-Projects Blood Bank 1.0 allows attackers to run arbitrary commands via the 'reqid' parameter. | 5.5 | MEDIUM | — | 0 |
| CVE-2023-47690 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Anton Bond Additional Order Filters for WooCommerce plugin <= 1.10 versions. | 7.1 | HIGH | — | 0 |
| CVE-2023-47695 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Scribit Shortcodes Finder plugin <= 1.5.3 versions. | 7.1 | HIGH | — | 0 |
| CVE-2023-47696 Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Gravity Master Product Enquiry for WooCommerce plugin <= 3.0 versions. | 7.1 | HIGH | — | 0 |
| CVE-2023-47697 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP Event Manager WP Event Manager – Events Calendar, Registrations, Sell Tickets with WooCommerce plugin <= 3.1.39 versions. | 7.1 | HIGH | — | 0 |
| CVE-2023-47657 Auth. (ShopManager+) Stored Cross-Site Scripting (XSS) vulnerability in GrandPlugins Direct Checkout – Quick View – Buy Now For WooCommerce plugin <= 1.5.8 versions. | 5.9 | MEDIUM | — | 0 |
| CVE-2023-47662 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GoldBroker.Com Live Gold Price & Silver Price Charts Widgets plugin <= 2.4 versions. | 5.9 | MEDIUM | — | 0 |
| CVE-2023-47665 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in edward_plainview Plainview Protect Passwords plugin <= 1.4 versions. | 7.1 | HIGH | — | 0 |
| CVE-2023-47671 Cross-Site Request Forgery (CSRF) vulnerability in Gopi Ramasamy Vertical scroll recent.This issue affects Vertical scroll recent post: from n/a through 14.0. | 5.4 | MEDIUM | — | 0 |
| CVE-2023-47672 Cross-Site Request Forgery (CSRF) vulnerability in Swashata WP Category Post List Widget.This issue affects WP Category Post List Widget: from n/a through 2.0.3. | 4.3 | MEDIUM | — | 0 |
| CVE-2023-47685 Cross-Site Request Forgery (CSRF) vulnerability in Lukman Nakib Preloader Matrix.This issue affects Preloader Matrix: from n/a through 2.0.1. | 5.4 | MEDIUM | — | 0 |
| CVE-2023-47243 Cross-Site Request Forgery (CSRF) vulnerability in CodeMShop 코드엠샵 마이사이트 – MSHOP MY SITE.This issue affects 코드엠샵 마이사이트 – MSHOP MY SITE: from n/a through 1.1.6. | 5.4 | MEDIUM | — | 0 |
| CVE-2023-47519 Cross-Site Request Forgery (CSRF) vulnerability in WC Product Table WooCommerce Product Table Lite.This issue affects WooCommerce Product Table Lite: from n/a through 2.6.2. | 4.3 | MEDIUM | — | 0 |
| CVE-2023-47531 Cross-Site Request Forgery (CSRF) vulnerability in DroitThemes Droit Dark Mode.This issue affects Droit Dark Mode: from n/a through 1.1.2. | 4.3 | MEDIUM | — | 0 |
| CVE-2023-47551 Cross-Site Request Forgery (CSRF) vulnerability in RedNao Donations Made Easy – Smart Donations.This issue affects Donations Made Easy – Smart Donations: from n/a through 4.0.12. | 5.4 | MEDIUM | — | 0 |
| CVE-2023-47552 Cross-Site Request Forgery (CSRF) vulnerability in Labib Ahmed Image Hover Effects – WordPress Plugin.This issue affects Image Hover Effects – WordPress Plugin: from n/a through 5.5. | 5.4 | MEDIUM | — | 0 |
| CVE-2023-47553 Cross-Site Request Forgery (CSRF) vulnerability in User Local Inc UserHeat Plugin.This issue affects UserHeat Plugin: from n/a through 1.1.6. | 5.4 | MEDIUM | — | 0 |
| CVE-2023-47556 Cross-Site Request Forgery (CSRF) vulnerability in James Mehorter Device Theme Switcher.This issue affects Device Theme Switcher: from n/a through 3.0.2. | 4.3 | MEDIUM | — | 0 |
| CVE-2023-47644 Cross-Site Request Forgery (CSRF) vulnerability in profilegrid ProfileGrid – User Profiles, Memberships, Groups and Communities.This issue affects ProfileGrid – User Profiles, Memberships, Groups and ... | 5.4 | MEDIUM | — | 0 |
| CVE-2023-47649 Cross-Site Request Forgery (CSRF) vulnerability in PriceListo Best Restaurant Menu by PriceListo.This issue affects Best Restaurant Menu by PriceListo: from n/a through 1.3.1. | 5.4 | MEDIUM | — | 0 |
| CVE-2023-47650 Cross-Site Request Forgery (CSRF) vulnerability in Peter Sterling Add Local Avatar.This issue affects Add Local Avatar: from n/a through 12.1. | 6.5 | MEDIUM | — | 0 |
| CVE-2023-47651 Cross-Site Request Forgery (CSRF) vulnerability in Robert Macchi WP Links Page.This issue affects WP Links Page: from n/a through 4.9.4. | 4.3 | MEDIUM | — | 0 |
| CVE-2023-47655 Cross-Site Request Forgery (CSRF) vulnerability in Marco Milesi ANAC XML Bandi di Gara.This issue affects ANAC XML Bandi di Gara: from n/a through 7.5. | 5.4 | MEDIUM | — | 0 |
| CVE-2023-25985 Cross-Site Request Forgery (CSRF) vulnerability in Tomas | Docs | FAQ | Premium Support WordPress Tooltips.This issue affects WordPress Tooltips: from n/a through 8.2.5. | 4.3 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.