Show filters
286,774 Total Results
Displaying 1-10 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Unknown

CVE-2023-49746

Disclosure Date: December 07, 2023 (last updated December 07, 2023)
Server-Side Request Forgery (SSRF) vulnerability in Softaculous Team SpeedyCache – Cache, Optimization, Performance.This issue affects SpeedyCache – Cache, Optimization, Performance: from n/a through 1.1.2.
0
0
Attacker Value
Unknown

CVE-2023-46641

Disclosure Date: December 07, 2023 (last updated December 07, 2023)
Server-Side Request Forgery (SSRF) vulnerability in Code for Recovery 12 Step Meeting List.This issue affects 12 Step Meeting List: from n/a through 3.14.24.
0
0
Attacker Value
Unknown

CVE-2023-41804

Disclosure Date: December 07, 2023 (last updated December 07, 2023)
Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates — Elementor, WordPress & Beaver Builder Templates.This issue affects Starter Templates — Elementor, WordPress & Beaver Builder Templates: from n/a through 3.2.4.
0
0
Attacker Value
Unknown

CVE-2022-45362

Disclosure Date: December 07, 2023 (last updated December 07, 2023)
Server-Side Request Forgery (SSRF) vulnerability in Paytm Paytm Payment Gateway.This issue affects Paytm Payment Gateway: from n/a through 2.7.0.
0
0
Attacker Value
Unknown

CVE-2023-50164

Disclosure Date: December 07, 2023 (last updated December 07, 2023)
An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. Users are recommended to upgrade to versions Struts 2.5.33 or  Struts 6.3.0.1 or greater to fix this issue.
0
0
Attacker Value
Unknown

CVE-2023-48861

Disclosure Date: December 07, 2023 (last updated December 07, 2023)
DLL hijacking vulnerability in TTplayer version 7.0.2, allows local attackers to escalate privileges and execute arbitrary code via urlmon.dll.
0
0
Attacker Value
Unknown

CVE-2023-48860

Disclosure Date: December 07, 2023 (last updated December 07, 2023)
TOTOLINK N300RT version 3.2.4-B20180730.0906 has a post-authentication RCE due to incorrect access control, allows attackers can bypass front-end security restrictions and execute arbitrary code.
0
0
Attacker Value
Unknown

CVE-2023-49225

Disclosure Date: December 07, 2023 (last updated December 07, 2023)
A cross-site-scripting vulnerability exists in Ruckus Access Point products (ZoneDirector, SmartZone, and AP Solo). If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is logging in the product. As for the affected products/models/versions, see the information provided by the vendor listed under [References] section or the list under [Product Status] section.
0
0
Attacker Value
Unknown

CVE-2023-48841

Disclosure Date: December 07, 2023 (last updated December 07, 2023)
Appointment Scheduler 3.0 is vulnerable to CSV Injection via a Language > Labels > Export action.
0
0
Attacker Value
Unknown

CVE-2023-48840

Disclosure Date: December 07, 2023 (last updated December 07, 2023)
A lack of rate limiting in pjActionAjaxSend in Appointment Scheduler 3.0 allows attackers to cause resource exhaustion.
0
0
View More Topics  Next >