Daily Vulnerability Trends: Thu Mar 16 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-25610 No description provided CVE-2023-1017An out-of-bounds write vulnerability exists in TPM2.0's Module...
CVE
RapidLoad Power-Up for Autoptimize Plugin for WordPress security bypass | CVE-2023-1337
NAME__________RapidLoad Power-Up for Autoptimize Plugin for WordPress security bypassPlatforms Affected:WordPress RapidLoad Power-Up for Autoptimize Plugin for WordPress 1.7.1Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access...
RapidLoad Power-Up for Autoptimize Plugin for WordPress security bypass | CVE-2023-1338
NAME__________RapidLoad Power-Up for Autoptimize Plugin for WordPress security bypassPlatforms Affected:WordPress RapidLoad Power-Up for Autoptimize Plugin for WordPress 1.7.1Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access...
RapidLoad Power-Up for Autoptimize Plugin for WordPress security bypass | CVE-2023-1334
NAME__________RapidLoad Power-Up for Autoptimize Plugin for WordPress security bypassPlatforms Affected:WordPress RapidLoad Power-Up for Autoptimize Plugin for WordPress 1.7.1Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access...
RapidLoad Power-Up for Autoptimize Plugin for WordPress security bypass | CVE-2023-1339
NAME__________RapidLoad Power-Up for Autoptimize Plugin for WordPress security bypassPlatforms Affected:WordPress RapidLoad Power-Up for Autoptimize Plugin for WordPress 1.7.1Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access...
RapidLoad Power-Up for Autoptimize Plugin for WordPress security bypass | CVE-2023-1336
NAME__________RapidLoad Power-Up for Autoptimize Plugin for WordPress security bypassPlatforms Affected:WordPress RapidLoad Power-Up for Autoptimize Plugin for WordPress 1.7.1Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access...
AvantFAX Information disclosure | CVE-2023-23327
NAME__________AvantFAX Information disclosurePlatforms Affected:AvantFAX AvantFAX 3.3.7Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________AvantFAX could allow a remote attacker to obtain sensitive information, caused by...
Roxy-WI directory traversal | CVE-2023-25802
NAME__________Roxy-WI directory traversalPlatforms Affected:Roxy-WI Roxy-WI 6.3.5.0Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Roxy-WI could allow a remote attacker to traverse directories on the system,...
LMXCMS SQL injection | CVE-2023-1321
NAME__________LMXCMS SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________LMXCMS is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL...
Online Pizza Ordering System SQL injection | CVE-2023-1364
NAME__________Online Pizza Ordering System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Online Pizza Ordering System is vulnerable to SQL injection. A remote...
115cms file upload | CVE-2023-1328
NAME__________115cms file uploadPlatforms Affected:Risk Level:4.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________115cms could allow a remote authenticated attacker to upload arbitrary files, caused by improper...
CodeIgniter Shield information disclosure | CVE-2023-27580
NAME__________CodeIgniter Shield information disclosurePlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________CodeIgniter Shield could allow a remote attacker to obtain sensitive information, caused by...
Online Pizza Ordering System SQL injection | CVE-2023-1365
NAME__________Online Pizza Ordering System SQL injectionPlatforms Affected:Risk Level:7.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Online Pizza Ordering System is vulnerable to SQL injection. A remote...
LMXCMS SQL injection | CVE-2023-1322
NAME__________LMXCMS SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________LMXCMS is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL...
Roxy-WI directory traversal | CVE-2023-25803
NAME__________Roxy-WI directory traversalPlatforms Affected:Roxy-WI Roxy-WI 6.3.4.0Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Roxy-WI could allow a remote attacker to traverse directories on the system,...
RapidLoad Power-Up for Autoptimize Plugin for WordPress security bypass | CVE-2023-1333
NAME__________RapidLoad Power-Up for Autoptimize Plugin for WordPress security bypassPlatforms Affected:WordPress RapidLoad Power-Up for Autoptimize Plugin for WordPress 1.7.1Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access...
NETGEAR products buffer overflow |
NAME__________NETGEAR products buffer overflowPlatforms Affected:Netgear R6400 Netgear R7000 Netgear R8000 NETGEAR R7000P NETGEAR R6400v2 NETGEAR R6700v3 NETGEAR RAX200 NETGEAR R6900P...
Computer Parts Sales and Inventory System SQL injection | CVE-2023-1363
NAME__________Computer Parts Sales and Inventory System SQL injectionPlatforms Affected:Risk Level:3.5Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Computer Parts Sales and Inventory System is vulnerable to...
Microsoft Dynamics 365 (on-premises) cross-site scripting | CVE-2023-24879
NAME__________Microsoft Dynamics 365 (on-premises) cross-site scriptingPlatforms Affected:Microsoft Dynamics 365 (on-premises) 9.0 Microsoft Dynamics 365 (on-premises) 9.1Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Microsoft Dynamics...
Linux Kernel denial of service | CVE-2023-1032
NAME__________Linux Kernel denial of servicePlatforms Affected:Linux KernelRisk Level:6.2Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Linux Kernel is vulnerable to a denial of service, caused...
ReadtoMyShoe information disclosure | CVE-2023-27587
NAME__________ReadtoMyShoe information disclosurePlatforms Affected:Risk Level:7.4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________ReadtoMyShoe could allow a remote attacker to obtain sensitive information, caused by the insertion...
Yoga Class Registration System SQL injection | CVE-2023-1366
NAME__________Yoga Class Registration System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Yoga Class Registration System is vulnerable to SQL injection. A remote...
PrestaShop cross-site request forgery | CVE-2023-25170
NAME__________PrestaShop cross-site request forgeryPlatforms Affected:Risk Level:5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________PrestaShop is vulnerable to cross-site request forgery, caused by improper validation of user-supplied...
Microsoft Dynamics 365 (on-premises) cross-site scripting | CVE-2023-24921
NAME__________Microsoft Dynamics 365 (on-premises) cross-site scriptingPlatforms Affected:Risk Level:4.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Microsoft Dynamics 365 (on-premises) is vulnerable to cross-site scripting, caused by...
