Show filters
356 Total Results
Displaying 61-70 of 356
Sort by:
Attacker Value
Unknown

CVE-2023-42331

Disclosure Date: September 20, 2023 (last updated October 09, 2023)
A file upload vulnerability in EliteCMS v1.01 allows a remote attacker to execute arbitrary code via the manage_uploads.php component.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-4407

Disclosure Date: August 18, 2023 (last updated October 08, 2023)
A vulnerability classified as critical was found in Codecanyon Credit Lite 1.5.4. Affected by this vulnerability is an unknown functionality of the file /portal/reports/account_statement of the component POST Request Handler. The manipulation of the argument date1/date2 leads to sql injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-237511.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-40518

Disclosure Date: August 14, 2023 (last updated October 08, 2023)
LiteSpeed OpenLiteSpeed before 1.7.18 does not strictly validate HTTP request headers.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-36984

Disclosure Date: August 01, 2023 (last updated October 08, 2023)
LavaLite CMS v 9.0.0 is vulnerable to Sensitive Data Exposure.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-36983

Disclosure Date: August 01, 2023 (last updated October 08, 2023)
LavaLite CMS v 9.0.0 is vulnerable to Sensitive Data Exposure.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-28418

Disclosure Date: June 22, 2023 (last updated October 08, 2023)
Auth. (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Yudlee themes Mediciti Lite theme <= 1.3.0 versions.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-27716

Disclosure Date: June 12, 2023 (last updated October 08, 2023)
An issue was discovered in freakchicken kafkaUI-lite 1.2.11 allows attackers on the same network to gain escalated privileges for the nodes running on it.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-28701

Disclosure Date: May 30, 2023 (last updated October 08, 2023)
ELITE TECHNOLOGY CORP. Web Fax has a vulnerability of SQL Injection. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to perform arbitrary system commands, disrupt service or terminate service.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-46800

Disclosure Date: May 25, 2023 (last updated October 08, 2023)
Cross-Site Request Forgery (CSRF) vulnerability in LiteSpeed Technologies LiteSpeed Cache plugin <= 5.3 versions.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-32697

Disclosure Date: May 23, 2023 (last updated October 08, 2023)
SQLite JDBC is a library for accessing and creating SQLite database files in Java. Sqlite-jdbc addresses a remote code execution vulnerability via JDBC URL. This issue impacting versions 3.6.14.1 through 3.41.2.1 and has been fixed in version 3.41.2.2.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  < Previous  Next >