Show filters
286,774 Total Results
Displaying 1-10 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Unknown
CVE-2023-49746
Disclosure Date: December 07, 2023 (last updated December 07, 2023)
Server-Side Request Forgery (SSRF) vulnerability in Softaculous Team SpeedyCache – Cache, Optimization, Performance.This issue affects SpeedyCache – Cache, Optimization, Performance: from n/a through 1.1.2.
0
Attacker Value
Unknown
CVE-2023-46641
Disclosure Date: December 07, 2023 (last updated December 07, 2023)
Server-Side Request Forgery (SSRF) vulnerability in Code for Recovery 12 Step Meeting List.This issue affects 12 Step Meeting List: from n/a through 3.14.24.
0
Attacker Value
Unknown
CVE-2023-41804
Disclosure Date: December 07, 2023 (last updated December 07, 2023)
Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates — Elementor, WordPress & Beaver Builder Templates.This issue affects Starter Templates — Elementor, WordPress & Beaver Builder Templates: from n/a through 3.2.4.
0
Attacker Value
Unknown
CVE-2022-45362
Disclosure Date: December 07, 2023 (last updated December 07, 2023)
Server-Side Request Forgery (SSRF) vulnerability in Paytm Paytm Payment Gateway.This issue affects Paytm Payment Gateway: from n/a through 2.7.0.
0
Attacker Value
Unknown
CVE-2023-50164
Disclosure Date: December 07, 2023 (last updated December 07, 2023)
An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.
Users are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.1 or greater to fix this issue.
0
Attacker Value
Unknown
CVE-2023-48861
Disclosure Date: December 07, 2023 (last updated December 07, 2023)
DLL hijacking vulnerability in TTplayer version 7.0.2, allows local attackers to escalate privileges and execute arbitrary code via urlmon.dll.
0
Attacker Value
Unknown
CVE-2023-48860
Disclosure Date: December 07, 2023 (last updated December 07, 2023)
TOTOLINK N300RT version 3.2.4-B20180730.0906 has a post-authentication RCE due to incorrect access control, allows attackers can bypass front-end security restrictions and execute arbitrary code.
0
Attacker Value
Unknown
CVE-2023-49225
Disclosure Date: December 07, 2023 (last updated December 07, 2023)
A cross-site-scripting vulnerability exists in Ruckus Access Point products (ZoneDirector, SmartZone, and AP Solo). If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is logging in the product. As for the affected products/models/versions, see the information provided by the vendor listed under [References] section or the list under [Product Status] section.
0
Attacker Value
Unknown
CVE-2023-48841
Disclosure Date: December 07, 2023 (last updated December 07, 2023)
Appointment Scheduler 3.0 is vulnerable to CSV Injection via a Language > Labels > Export action.
0
Attacker Value
Unknown
CVE-2023-48840
Disclosure Date: December 07, 2023 (last updated December 07, 2023)
A lack of rate limiting in pjActionAjaxSend in Appointment Scheduler 3.0 allows attackers to cause resource exhaustion.
0