Cobalt Stike Beacon Detected – 47[.]106[.]21[.]82:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: May 2023
IBM i privilege escalation | CVE-2023-23470
NAME__________IBM i privilege escalationPlatforms Affected:IBM i 7.2 IBM i 7.3 IBM i 7.4 IBM i 7.5Risk Level:6.4Exploitability:UnprovenConsequences: DESCRIPTION__________IBM i 7.2,...
Elastic Filebeat information disclosure | CVE-2023-31413
NAME__________Elastic Filebeat information disclosurePlatforms Affected:Elastic Filebeat 7.17.9 Elastic Filebeat 8.6.2Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Elastic Filebeat could allow a local authenticated attacker...
Dell ECS security bypass | CVE-2023-25934
NAME__________Dell ECS security bypassPlatforms Affected:Dell ECS 3.8.0Risk Level:5.9Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Dell ECS could allow a remote attacker to bypass security restrictions,...
Amazon Fire TV Stick 3rd gen and Insignia TV security bypass | CVE-2023-1383
NAME__________Amazon Fire TV Stick 3rd gen and Insignia TV security bypassPlatforms Affected:Insignia Insignia TV with FireOS 6.2 Amazon Fire TV...
Amazon Fire TV Stick 3rd gen and Insignia TV cross-site scripting | CVE-2023-1384
NAME__________Amazon Fire TV Stick 3rd gen and Insignia TV cross-site scriptingPlatforms Affected:Insignia Insignia TV with FireOS 6.2 Amazon Fire TV...
PrestaShop SC Export Customers module information disclosure | CVE-2023-30282
NAME__________PrestaShop SC Export Customers module information disclosurePlatforms Affected:PrestaShop SC Export Customers 3.6.1Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________PrestaShop SC Export Customers module could...
Amazon Fire TV Stick 3rd gen and Insignia TV security bypass | CVE-2023-1385
NAME__________Amazon Fire TV Stick 3rd gen and Insignia TV security bypassPlatforms Affected:Insignia Insignia TV with FireOS 6.2 Amazon Fire TV...
WP BaiDu Submit Plugin for WordPress cross-site scripting | CVE-2023-25796
NAME__________WP BaiDu Submit Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress WP BaiDu Submit Plugin for WordPress 1.2.1Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________WP BaiDu...
ASUS RT-AC51U cross-site scripting | CVE-2023-29772
NAME__________ASUS RT-AC51U cross-site scriptingPlatforms Affected:ASUS RT-AC51U 3.0.0.4.380.8591Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________ASUS RT-AC51U is vulnerable to cross-site scripting, caused by improper validation...
Enalean Tuleap cross-site scripting | CVE-2023-30619
NAME__________Enalean Tuleap cross-site scriptingPlatforms Affected:Enalean Tuleap Community Edition 14.7.99.76Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Enalean Tuleap is vulnerable to cross-site scripting, caused by...
FireCask Like & Share Button Plugin for WordPress cross-site scripting | CVE-2023-25783
NAME__________FireCask Like & Share Button Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress FireCask Like & Share Button Plugin for WordPress 1.1.5Risk...
Fortinet FortiADC command execution | CVE-2023-27999
NAME__________Fortinet FortiADC command executionPlatforms Affected:Fortinet FortiADC 7.1.0 Fortinet FortiADC 7.1.1 Fortinet FortiADC 7.2.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Fortinet FortiADC could allow a...
Eyes Only: User Access Shortcode Plugin for WordPress cross-site scripting | CVE-2023-25786
NAME__________Eyes Only: User Access Shortcode Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Eyes Only: User Access Shortcode Plugin for WordPress 1.8.2Risk...
Aigital Wireless-N Repeater Mini_Router security bypass | CVE-2023-30403
NAME__________Aigital Wireless-N Repeater Mini_Router security bypassPlatforms Affected:Aigital Wireless-N Repeater Mini_Router 0.131229Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Aigital Wireless-N Repeater Mini_Router could allow a...
Fortinet FortiOS and FortiProxy code execution | CVE-2023-22640
NAME__________Fortinet FortiOS and FortiProxy code executionPlatforms Affected:Fortinet FortiProxy 2.0.0 Fortinet FortiProxy 1.1 Fortinet FortiOS 7.0.0 Fortinet FortiProxy 7.0.0 Fortinet FortiOS...
Sticky Ad Bar Plugin for WordPress cross-site scripting | CVE-2023-25784
NAME__________Sticky Ad Bar Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Sticky Ad Bar Plugin for WordPress 1.3.1Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Sticky Ad...
Olevmedia Olevmedia Shortcodes Plugin for WordPress cross-site scripting | CVE-2023-25798
NAME__________Olevmedia Olevmedia Shortcodes Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Olevmedia Olevmedia Shortcodes Plugin for WordPress 1.1.9Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Olevmedia Olevmedia...
Fortinet FortiNAC weak security | CVE-2022-45858
NAME__________Fortinet FortiNAC weak securityPlatforms Affected:Risk Level:4.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Fortinet FortiNAC could provide weaker than expected security, caused by the use of...
Tapfiliate Plugin for WordPress cross-site scripting | CVE-2023-25789
NAME__________Tapfiliate Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Tapfiliate Plugin for WordPress 3.0.12Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Tapfiliate Plugin for WordPress is vulnerable...
Fortinet FortiNAC default account | CVE-2023-26203
NAME__________Fortinet FortiNAC default accountPlatforms Affected:Risk Level:6.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Fortinet FortiNAC contains default hardcoded credentials. A local authenticated attacker could exploit this...
Fortinet FortiADC directory traversal | CVE-2023-27993
NAME__________Fortinet FortiADC directory traversalPlatforms Affected:Risk Level:6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Fortinet FortiADC could allow a local authenticated attacker to traverse directories on the...
vSlider Multi Image Slider Plugin for WordPress cross-site scripting | CVE-2023-25797
NAME__________vSlider Multi Image Slider Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress vSlider Multi Image Slider Plugin for WordPress 4.1.2Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting...
Fortinet FortiNAC cross-site scripting | CVE-2023-22637
NAME__________Fortinet FortiNAC cross-site scriptingPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Fortinet FortiNAC is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
