Search Results | AttackerKB

Show filters

Topics 4,018 Users 9,727

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

4,018 Total Results

Displaying 181-190 of 4,018

Attacker Value

Unknown

CVE-2023-45909

Disclosure Date: October 18, 2023 (last updated February 25, 2025)

zzzcms v2.2.0 was discovered to contain an open redirect vulnerability.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-41580

Disclosure Date: October 02, 2023 (last updated February 25, 2025)

Phpipam before v1.5.2 was discovered to contain a LDAP injection vulnerability via the dname parameter at /users/ad-search-result.php. This vulnerability allows attackers to enumerate arbitrary fields in the LDAP server and access sensitive data via a crafted POST request.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-5320

Disclosure Date: September 30, 2023 (last updated February 25, 2025)

Cross-site Scripting (XSS) - DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.18.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-5319

Disclosure Date: September 30, 2023 (last updated February 25, 2025)

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.18.

Attack Vector: Network Privileges: Low User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-5317

Disclosure Date: September 30, 2023 (last updated February 25, 2025)

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.18.

Attack Vector: Network Privileges: Low User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-5316

Disclosure Date: September 30, 2023 (last updated February 25, 2025)

Cross-site Scripting (XSS) - DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.18.

Attack Vector: Network Privileges: None User Interaction: Required

0

Attacker Value

Unknown

CVE-2023-5227

Disclosure Date: September 30, 2023 (last updated February 25, 2025)

Unrestricted Upload of File with Dangerous Type in GitHub repository thorsten/phpmyfaq prior to 3.1.8.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-5053

Disclosure Date: September 28, 2023 (last updated February 25, 2025)

Hospital management system version 378c157 allows to bypass authentication. This is possible because the application is vulnerable to SQLI.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-5004

Disclosure Date: September 28, 2023 (last updated February 25, 2025)

Hospital management system version 378c157 allows to bypass authentication. This is possible because the application is vulnerable to SQLI.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-43132

Disclosure Date: September 25, 2023 (last updated February 25, 2025)

szvone vmqphp <=1.13 is vulnerable to SQL Injection. Unauthorized remote users can use sql injection attacks to obtain the hash of the administrator password.

Attack Vector: Network Privileges: Low User Interaction: None

0