LockBit 3.0 Ransomware Victim: cabinet-paillet[.]fr
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Month: March 2023
LockBit 3.0 Ransomware Victim: kaycan[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Discourse denial of service | CVE-2023-28107
NAME__________Discourse denial of servicePlatforms Affected:Risk Level:4.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Discourse is vulnerable to a denial of service, caused by improper allocation...
silverstripe/graphql denial of service | CVE-2023-28104
NAME__________silverstripe/graphql denial of servicePlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________silverstripe/graphql is vulnerable to a denial of service, caused by a flaw...
Discourse server-side request forgery | CVE-2023-28111
NAME__________Discourse server-side request forgeryPlatforms Affected:Risk Level:5.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Discourse is vulnerable to server-side request forgery, caused by a flaw in the...
RockOA file upload | CVE-2023-1501
NAME__________RockOA file uploadPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________RockOA could allow a remote authenticated attacker to upload arbitrary files, caused by improper...
Discourse cross-site scripting | CVE-2023-26040
NAME__________Discourse cross-site scriptingPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Discourse is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by...
svg-sanitizer cross-site scripting | CVE-2023-28426
NAME__________svg-sanitizer cross-site scriptingPlatforms Affected:svg-sanitizer svg-sanitizer 0.15.4Risk Level:5.3Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________svg-sanitizer is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Discourse information disclosure | CVE-2023-23622
NAME__________Discourse information disclosurePlatforms Affected:Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Discourse could allow a remote attacker to obtain sensitive information, caused by a flaw...
Discourse server-side request forgery | CVE-2023-28112
NAME__________Discourse server-side request forgeryPlatforms Affected:Risk Level:5.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Discourse is vulnerable to server-side request forgery, caused by a flaw in the...
Pimcore cross-site scripting | CVE-2023-28429
NAME__________Pimcore cross-site scriptingPlatforms Affected:Pimcore Pimcore 10.5.18Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Pimcore is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
RapidLoad Power-Up for Autoptimize Plugin for WordPress cross-site request forgery | CVE-2023-1472
NAME__________RapidLoad Power-Up for Autoptimize Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress RapidLoad Power-Up for Autoptimize Plugin for WordPress 1.7.1Risk Level:6.3Exploitability:UnprovenConsequences:Gain...
Simple Art Gallery cross-site scripting | CVE-2023-1500
NAME__________Simple Art Gallery cross-site scriptingPlatforms Affected:Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Simple Art Gallery is vulnerable to cross-site scripting, caused by improper validation...
Discourse cross-site scripting | CVE-2023-25172
NAME__________Discourse cross-site scriptingPlatforms Affected:Risk Level:4.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Discourse is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by...
GoToWP Plugin for WordPress cross-site scripting | CVE-2023-0369
NAME__________GoToWP Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress GoToWP Plugin for WordPress 5.1.1Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________GoToWP Plugin for WordPress is vulnerable...
Human Resource Management System /hrm/controller/login.php SQL injection |
NAME__________Human Resource Management System /hrm/controller/login.php SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Human Resource Management System is vulnerable to SQL injection. A...
Camera slideshow Plugin for WordPress cross-site scripting | CVE-2023-22682
NAME__________Camera slideshow Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Camera slideshow Plugin for WordPress 1.4.0.1Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Camera slideshow Plugin for...
WP htpasswd Plugin for WordPress cross-site scripting | CVE-2023-25064
NAME__________WP htpasswd Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress WP htpasswd Plugin for WordPress 1.7Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________WP htpasswd Plugin for...
David Gwyer Admin Log Plugin for WordPress cross-site request forgery | CVE-2023-23721
NAME__________David Gwyer Admin Log Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Admin Log Plugin for WordPress 1.50Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________David...
Service Area Postcode Checker Plugin for WordPress cross-site scripting | CVE-2023-25782
NAME__________Service Area Postcode Checker Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Service Area Postcode Checker Plugin for WordPress 2.0.8Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting...
Online Exam Software: eExamhall Plugin for WordPress cross-site request forgery | CVE-2023-22681
NAME__________Online Exam Software: eExamhall Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Online Exam Software: eExamhall plugin for WordPress 4.0Risk Level:4.3Exploitability:UnprovenConsequences:Gain...
Best Online News Portal search.php SQL injection |
NAME__________Best Online News Portal search.php SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Best Online News Portal is vulnerable to SQL injection. A...
No API Amazon Affiliate Plugin for WordPress cross-site scripting | CVE-2023-22680
NAME__________No API Amazon Affiliate Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress No API Amazon Affiliate Plugin for WordPress 4.2.2Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting...
Mighty Digital Nooz Plugin for WordPress cross-site scripting | CVE-2023-25794
NAME__________Mighty Digital Nooz Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Mighty Digital Nooz Plugin for WordPress 1.6.0Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Mighty Digital...
