Vulnerabilities

VMware Tanzu Spring Vault information disclosure | CVE-2023-20859

March 25, 2023

NAME__________VMware Tanzu Spring Vault information disclosurePlatforms Affected:VMware Tanzu Spring Vault 2.3.0 VMware Tanzu Spring Vault 2.3.2 VMware Tanzu Spring Vault...

Temenos cross-site scripting | CVE-2023-24367

March 25, 2023

NAME__________Temenos cross-site scriptingPlatforms Affected:Temenos T24 R20Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Temenos is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

REBUILD SQL injection | CVE-2023-1610

March 25, 2023

NAME__________REBUILD SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________REBUILD is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements...

Human Resource Management System /hrm/controller/login.php SQL injection |

March 25, 2023

NAME__________Human Resource Management System /hrm/controller/login.php SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Human Resource Management System is vulnerable to SQL injection. A...

E-Commerce System security bypass | CVE-2023-1557

March 25, 2023

NAME__________E-Commerce System security bypassPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________E-Commerce System could allow a remote authenticated attacker to bypass security restrictions, caused...

Grafana cross-site scripting | CVE-2023-1410

March 25, 2023

NAME__________Grafana cross-site scriptingPlatforms Affected:Grafana Grafana 8.5.21 Grafana Grafana 9.3.8 Grafana Grafana 9.2.13 Grafana Grafana 9.4.3Risk Level:6.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Grafana is vulnerable...

MEGAFEIS, BOFEI DBD+ Application for IOS & Android information disclosure | CVE-2022-45635

March 25, 2023

NAME__________MEGAFEIS, BOFEI DBD+ Application for IOS & Android information disclosurePlatforms Affected:Risk Level:7.5Exploitability:Proof of ConceptConsequences:Obtain Information DESCRIPTION__________MEGAFEIS, BOFEI DBD+ Application for...

Cisco ASA, FTD, IOS and IOS XE Software denial of service | CVE-2023-20081

March 25, 2023

NAME__________Cisco ASA, FTD, IOS and IOS XE Software denial of servicePlatforms Affected:Cisco Adaptive Security Appliance Software Cisco IOS Software Cisco...

crewjam/saml go library denial of service | CVE-2023-28119

March 25, 2023

NAME__________crewjam/saml go library denial of servicePlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________crewjam/saml go library is vulnerable to a denial of service,...

Judging Management System SQL injection | CVE-2023-1556

March 25, 2023

NAME__________Judging Management System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Judging Management System is vulnerable to SQL injection. A remote authenticated attacker...

NETGEAR Orbi WiFi Systems information disclosure |

March 25, 2023

NAME__________NETGEAR Orbi WiFi Systems information disclosurePlatforms Affected:NETGEAR RBR750 NETGEAR RBS750 NETGEAR RBR840 NETGEAR RBS840 NETGEAR RBR850 NETGEAR RBS850 NETGEAR RBRE960...

Sauter EY-AS525F001 with moduWeb information disclosure | CVE-2023-27927

March 25, 2023

NAME__________Sauter EY-AS525F001 with moduWeb information disclosurePlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Sauter EY-AS525F001 with moduWeb could allow a remote attacker to obtain...

NETGEAR Orbi WiFi Systems command execution |

March 25, 2023

NAME__________NETGEAR Orbi WiFi Systems command executionPlatforms Affected:NETGEAR RBR750 NETGEAR RBS750 NETGEAR RBR840 NETGEAR RBS840 NETGEAR RBR850 NETGEAR RBS850 NETGEAR RBRE960...

NETGEAR Orbi WiFi Systems command execution |

March 25, 2023

NAME__________NETGEAR Orbi WiFi Systems command executionPlatforms Affected:NETGEAR RBR750Risk Level:6.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NETGEAR Orbi WiFi Systems could allow a remote authenticated attacker...

Human Resource Management System /hrm/controller/login.php SQL injection |

March 24, 2023

Izmir Katip Celebi University UBYS cross-site scripting | CVE-2023-0320

March 24, 2023

NAME__________Izmir Katip Celebi University UBYS cross-site scriptingPlatforms Affected:Izmir Katip Celebi University UBYS 23.03.16Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Izmir Katip Celebi University UBYS...

Online Pizza Ordering System /php-opos/index.php SQL injection |

March 24, 2023

NAME__________Online Pizza Ordering System /php-opos/index.php SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Online Pizza Ordering System is vulnerable to SQL injection. A...

Minio information disclosure | CVE-2023-28432

March 24, 2023

NAME__________Minio information disclosurePlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Minio could allow a remote attacker to obtain sensitive information, caused by a flaw...

MEGAFEIS, BOFEI DBD+ Application for IOS & Android information disclosure | CVE-2022-45634

March 24, 2023

Sentry SDK for Python information disclosure | CVE-2023-28117

March 24, 2023

NAME__________Sentry SDK for Python information disclosurePlatforms Affected:Risk Level:7.6Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Sentry SDK for Python could allow a remote authenticated attacker to...

Simple and Beautiful Shopping Cart System file upload | CVE-2023-1558

March 24, 2023

NAME__________Simple and Beautiful Shopping Cart System file uploadPlatforms Affected:Risk Level:4.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Simple and Beautiful Shopping Cart System could allow a...

Prestashop tshirtecommerce SQL injection | CVE-2023-27637

March 24, 2023

NAME__________Prestashop tshirtecommerce SQL injectionPlatforms Affected:Paradox IPR512Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Prestashop tshirtecommerce module is vulnerable to SQL injection. A remote attacker could...

Pacsrapor cross-site scripting | CVE-2023-1154

March 24, 2023

NAME__________Pacsrapor cross-site scriptingPlatforms Affected:Pacsrapor Pacsrapor 1.22Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Pacsrapor is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

Pacsrapor cross-site scripting | CVE-2023-1153

March 24, 2023

NAME__________Pacsrapor cross-site scriptingPlatforms Affected:Pacsrapor Pacsrapor 1.22Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Pacsrapor is vulnerable to SQL injection. A remote attacker could send specially-crafted...

Vulnerabilities

VMware Tanzu Spring Vault information disclosure | CVE-2023-20859

Temenos cross-site scripting | CVE-2023-24367

REBUILD SQL injection | CVE-2023-1610

Human Resource Management System /hrm/controller/login.php SQL injection |

E-Commerce System security bypass | CVE-2023-1557

Grafana cross-site scripting | CVE-2023-1410

MEGAFEIS, BOFEI DBD+ Application for IOS & Android information disclosure | CVE-2022-45635

Cisco ASA, FTD, IOS and IOS XE Software denial of service | CVE-2023-20081

crewjam/saml go library denial of service | CVE-2023-28119

Judging Management System SQL injection | CVE-2023-1556

NETGEAR Orbi WiFi Systems information disclosure |

Sauter EY-AS525F001 with moduWeb information disclosure | CVE-2023-27927

NETGEAR Orbi WiFi Systems command execution |

NETGEAR Orbi WiFi Systems command execution |

Human Resource Management System /hrm/controller/login.php SQL injection |

Izmir Katip Celebi University UBYS cross-site scripting | CVE-2023-0320

Online Pizza Ordering System /php-opos/index.php SQL injection |

Minio information disclosure | CVE-2023-28432

MEGAFEIS, BOFEI DBD+ Application for IOS & Android information disclosure | CVE-2022-45634

Sentry SDK for Python information disclosure | CVE-2023-28117

Simple and Beautiful Shopping Cart System file upload | CVE-2023-1558

Prestashop tshirtecommerce SQL injection | CVE-2023-27637

Pacsrapor cross-site scripting | CVE-2023-1154

Pacsrapor cross-site scripting | CVE-2023-1153

CVE Alert: CVE-2025-2116

CVE Alert: CVE-2025-2114

CVE Alert: CVE-2025-2113

CVE Alert: CVE-2025-2115

CVE Alert: CVE-2025-2117

You may have missed