Show filters
440 Total Results
Displaying 161-170 of 440
Sort by:
Attacker Value
Unknown

CVE-2023-37997

Disclosure Date: September 01, 2023 (last updated October 08, 2023)
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dharmesh Patel Post List With Featured Image plugin <= 1.2 versions.
Attacker Value
Unknown

CVE-2023-39135

Disclosure Date: August 30, 2023 (last updated October 08, 2023)
An issue in Zip Swift v2.1.2 allows attackers to execute a path traversal attack via a crafted zip entry.
Attacker Value
Unknown

CVE-2023-3717

Disclosure Date: August 08, 2023 (last updated February 25, 2025)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Farmakom Remote Administration Console allows SQL Injection.This issue affects Remote Administration Console: before 1.02.
Attacker Value
Unknown

CVE-2023-4186

Disclosure Date: August 06, 2023 (last updated February 25, 2025)
A vulnerability was found in SourceCodester Pharmacy Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file manage_website.php. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-236221 was assigned to this vulnerability.
Attacker Value
Unknown

CVE-2022-43703

Disclosure Date: July 27, 2023 (last updated February 25, 2025)
An installer that loads or executes files using an unconstrained search path may be vulnerable to substitute files under control of an attacker being loaded or executed instead of the intended files.
Attacker Value
Unknown

CVE-2022-43702

Disclosure Date: July 27, 2023 (last updated February 25, 2025)
When the directory containing the installer does not have sufficiently restrictive file permissions, an attacker can modify (or replace) the installer to execute malicious code.
Attacker Value
Unknown

CVE-2022-43701

Disclosure Date: July 27, 2023 (last updated February 25, 2025)
When the installation directory does not have sufficiently restrictive file permissions, an attacker can modify files in the installation directory to cause execution of malicious code.
Attacker Value
Unknown

CVE-2022-47421

Disclosure Date: July 18, 2023 (last updated February 25, 2025)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Repute InfoSystems ARMember (free), Repute InfoSystems ARMember (premium) plugins.
Attacker Value
Unknown

CVE-2023-3011

Disclosure Date: July 12, 2023 (last updated October 08, 2023)
The ARMember plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.0.5. This is due to missing or incorrect nonce validation on the arm_check_user_cap function. This makes it possible for unauthenticated attackers to perform multiple unauthorized actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Attacker Value
Unknown

CVE-2023-26085

Disclosure Date: June 29, 2023 (last updated February 25, 2025)
A possible out-of-bounds read and write (due to an improper length check of shared memory) was discovered in Arm NN Android-NN-Driver before 23.02.