Month: August 2023

PHPJabbers Time Slots Booking Calendar preview.php cross-site scripting | CVE-2023-33564

August 4, 2023

NAME__________PHPJabbers Time Slots Booking Calendar preview.php cross-site scriptingPlatforms Affected:PHPJabbers Time Slots Booking Calendar 3.3Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________PHPJabbers Time Slots Booking...

JLex Review extension for Joomla cross-site scripting |

August 4, 2023

NAME__________JLex Review extension for Joomla cross-site scriptingPlatforms Affected:JLexArt JLex Review extension for Joomla 6.0.1Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________JLex Review extension for...

FreeBSD buffer overflow | CVE-2023-3494

August 4, 2023

NAME__________FreeBSD buffer overflowPlatforms Affected:FreeBSD FreeBSD 13.1 FreeBSD FreeBSD 13.2Risk Level:6.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________FreeBSD is vulnerable to a buffer overflow, caused by...

Broadcom Brocade Fabric OS information disclosure | CVE-2023-31429

August 4, 2023

NAME__________Broadcom Brocade Fabric OS information disclosurePlatforms Affected:Broadcom Brocade Fabric OS 8.2.1 Broadcom Brocade Fabric OS 8.2.3Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Broadcom Brocade...

PHPJabbers Catering System index.php cross-site scripting | CVE-2023-34869

August 4, 2023

NAME__________PHPJabbers Catering System index.php cross-site scriptingPlatforms Affected:PHPJabbers Catering System 1.0Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________PHPJabbers Catering System is vulnerable to cross-site scripting,...

Broadcom Brocade Fabric OS code execution | CVE-2023-31926

August 4, 2023

NAME__________Broadcom Brocade Fabric OS code executionPlatforms Affected:Broadcom Brocade Fabric OS 8.2.1 Broadcom Brocade Fabric OS 8.2.3Risk Level:7.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Broadcom Brocade...

Broadcom Brocade Fabric OS information disclosure | CVE-2023-31428

August 4, 2023

Bus Ticket Booking with Seat Reservation plugin for WordPress cross-site scripting | CVE-2023-4067

August 4, 2023

NAME__________Bus Ticket Booking with Seat Reservation plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Bus Ticket Booking with Seat Reservation plugin for...

PHPJabbers Time Slots Booking Calendar security bypass | CVE-2023-33561

August 4, 2023

NAME__________PHPJabbers Time Slots Booking Calendar security bypassPlatforms Affected:PHPJabbers Time Slots Booking Calendar 3.3Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________PHPJabbers Time Slots Booking Calendar...

OMRON CX-Programmer code execution | CVE-2023-38747

August 4, 2023

NAME__________OMRON CX-Programmer code executionPlatforms Affected:Omron CX-Programmer 9.80Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________OMRON CX-Programmer could allow a remote attacker to execute arbitrary code...

Broadcom Brocade Fabric OS information disclosure | CVE-2023-31426

August 4, 2023

NAME__________Broadcom Brocade Fabric OS information disclosurePlatforms Affected:Broadcom Brocade Fabric OS 8.2.1 Broadcom Brocade Fabric OS 8.2.3Risk Level:6.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Broadcom Brocade...

OMRON CX-Programmer code execution | CVE-2023-38746

August 4, 2023

Xiaomi cloud service Application cross-site scripting | CVE-2023-26316

August 4, 2023

NAME__________Xiaomi cloud service Application cross-site scriptingPlatforms Affected:Xiaomi cloud service Application 1.12.0.0.25Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Xiaomi cloud service Application is vulnerable to...

Broadcom Brocade Fabric OS privilege escalation | CVE-2023-31425

August 4, 2023

NAME__________Broadcom Brocade Fabric OS privilege escalationPlatforms Affected:Broadcom Brocade Fabric OS 8.2.1 Broadcom Brocade Fabric OS 8.2.3Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Broadcom Brocade...

Open-Xchange OX App Suite cross-site scripting | CVE-2023-26446

August 4, 2023

NAME__________Open-Xchange OX App Suite cross-site scriptingPlatforms Affected:Open-Xchange OX App Suite frontend 7.10.6-rev27Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Open-Xchange OX App Suite is vulnerable...

F5 BIG-IP information disclosure | CVE-2023-3470

August 4, 2023

NAME__________F5 BIG-IP information disclosurePlatforms Affected:F5 BIG-IP 13.1.0 F5 BIG-IP 14.1.0 F5 BIG-IP 13.1.3 F5 BIG-IP 15.1.0 F5 BIG-IP 14.1.3Risk Level:6Exploitability:UnprovenConsequences:Obtain...

SEIKO EPSON Web Config denial of service | CVE-2023-38556

August 4, 2023

NAME__________SEIKO EPSON Web Config denial of servicePlatforms Affected:SEIKO EPSON Web ConfigRisk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________SEIKO EPSON Web Config is vulnerable...

Academy LMS cross-site scripting | CVE-2023-4119

August 4, 2023

NAME__________Academy LMS cross-site scriptingPlatforms Affected:Creativeitem Academy LMS 6.0Risk Level:4.3Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Academy LMS is vulnerable to cross-site scripting, caused by improper...

Cisco BroadWorks CommPilot Application Software cross-site scripting | CVE-2023-20204

August 4, 2023

NAME__________Cisco BroadWorks CommPilot Application Software cross-site scriptingPlatforms Affected:Cisco BroadWorks Application Server Cisco BroadWorks Application Delivery Platform Software Cisco BroadWorks Xtended...

Open-Xchange OX App Suite cross-site scripting | CVE-2023-26449

August 4, 2023

F5 BIG-IP and BIG-IQ Centralized Management denial of service | CVE-2023-38419

August 4, 2023

NAME__________F5 BIG-IP and BIG-IQ Centralized Management denial of servicePlatforms Affected:F5 BIG-IP 13.1.0 F5 BIG-IP 15.1.0 F5 BIG-IP 14.1.0 F5 BIG-IP...

Golang html package cross-site scripting | CVE-2023-3978

August 4, 2023

NAME__________Golang html package cross-site scriptingPlatforms Affected:Golang html 0.12.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Golang html package is vulnerable to cross-site scripting, caused by...

Liferay Portal and Liferay DXP information disclosure | CVE-2023-3426

August 4, 2023

NAME__________Liferay Portal and Liferay DXP information disclosurePlatforms Affected:Liferay Liferay Portal 7.4.3.81 Liferay Liferay Portal 7.4.3.85 Liferay Liferay DXP 7.4 update...

Open-Xchange OX App Backend weak security | CVE-2023-26451

August 4, 2023

NAME__________Open-Xchange OX App Backend weak securityPlatforms Affected:Open-Xchange OX App Suite Backend 7.10.6-rev42Risk Level:7.5Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Open-Xchange OX App Backend could provide...

Month: August 2023

PHPJabbers Time Slots Booking Calendar preview.php cross-site scripting | CVE-2023-33564

JLex Review extension for Joomla cross-site scripting |

FreeBSD buffer overflow | CVE-2023-3494

Broadcom Brocade Fabric OS information disclosure | CVE-2023-31429

PHPJabbers Catering System index.php cross-site scripting | CVE-2023-34869

Broadcom Brocade Fabric OS code execution | CVE-2023-31926

Broadcom Brocade Fabric OS information disclosure | CVE-2023-31428

Bus Ticket Booking with Seat Reservation plugin for WordPress cross-site scripting | CVE-2023-4067

PHPJabbers Time Slots Booking Calendar security bypass | CVE-2023-33561

OMRON CX-Programmer code execution | CVE-2023-38747

Broadcom Brocade Fabric OS information disclosure | CVE-2023-31426

OMRON CX-Programmer code execution | CVE-2023-38746

Xiaomi cloud service Application cross-site scripting | CVE-2023-26316

Broadcom Brocade Fabric OS privilege escalation | CVE-2023-31425

Open-Xchange OX App Suite cross-site scripting | CVE-2023-26446

F5 BIG-IP information disclosure | CVE-2023-3470

SEIKO EPSON Web Config denial of service | CVE-2023-38556

Academy LMS cross-site scripting | CVE-2023-4119

Cisco BroadWorks CommPilot Application Software cross-site scripting | CVE-2023-20204

Open-Xchange OX App Suite cross-site scripting | CVE-2023-26449

F5 BIG-IP and BIG-IQ Centralized Management denial of service | CVE-2023-38419

Golang html package cross-site scripting | CVE-2023-3978

Liferay Portal and Liferay DXP information disclosure | CVE-2023-3426

Open-Xchange OX App Backend weak security | CVE-2023-26451

[RANSOMHUB] – Ransomware Victim: blr[.]com

HackerOne Bug Bounty Disclosure: std-process-command-batch-files-argument-escaping-could-be-bypassed-with-trailing-whitespace-or-periods–xpl-r-r

[LOCKBIT3] – Ransomware Victim: madison-home[.]com

[CHORT] – Ransomware Victim: sheboyganwi[.]gov

[QILIN] – Ransomware Victim: Zimmerman & Frachtman PA Law Firm

You may have missed