Data Manipulation

Sourcecodester Best Courier Management System SQL injection | CVE-2023-46005

October 23, 2023

NAME__________Sourcecodester Best Courier Management System SQL injectionPlatforms Affected:Sourcecodester Best Courier Management System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Sourcecodester Best Courier Management System...

HP t430 Thin Client and HP t638 Thin Client tampering | CVE-2023-5409

October 18, 2023

NAME__________HP t430 Thin Client and HP t638 Thin Client tamperingPlatforms Affected:HP N41 BIOS 00.01.13 HP N44 BIOS 00.02.10 HP N43...

Free Hospital Management System for Small Practices SQL injection | CVE-2023-5587

October 17, 2023

NAME__________Free Hospital Management System for Small Practices SQL injectionPlatforms Affected:Sourcecodester Free Hospital Management System for Small Practices 1.0Risk Level:6.3Exploitability:HighConsequences:Data Manipulation...

Apache InLong SQL injection | CVE-2023-43667

October 17, 2023

NAME__________Apache InLong SQL injectionPlatforms Affected:Apache InLong 1.4.0 Apache InLong 1.5.0 Apache InLong 1.6.0 Apache InLong 1.7.0 Apache InLong 1.8.0Risk Level:6.5Exploitability:HighConsequences:Data...

LibreNMS SQL injection | CVE-2023-5591

October 17, 2023

NAME__________LibreNMS SQL injectionPlatforms Affected:LibreNMS LibreNMS 1.47 LibreNMS LibreNMS 21.0 LibreNMS LibreNMS 20.0 LibreNMS LibreNMS 23.8.1 LibreNMS LibreNMS 23.8.0Risk Level:7.8Exploitability:UnprovenConsequences:Data Manipulation...

Plixer Scrutinizer information disclosure | CVE-2023-41262

October 15, 2023

NAME__________Plixer Scrutinizer information disclosurePlatforms Affected:Plixer Scrutinizer 19.3.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Plixer Scrutinizer is vulnerable to SQL injection. A remote attacker could...

Koha Library Software SQL injection | CVE-2023-44961

October 14, 2023

NAME__________Koha Library Software SQL injectionPlatforms Affected:Koha Koha Library Software 23.05.04Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Koha Library Software is vulnerable to SQL injection....

Smart School SQL injection | CVE-2023-5495

October 12, 2023

NAME__________Smart School SQL injectionPlatforms Affected:QDocs Smart School 6.4.1Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Smart School is vulnerable to SQL injection. A remote authenticated...

SuiteCRM SQL injection | CVE-2023-5350

October 6, 2023

NAME__________SuiteCRM SQL injectionPlatforms Affected:ssalesagility suitecrm 7.12.12 ssalesagility suitecrm 7.13.4 ssalesagility suitecrm 8.3.1Risk Level:6.4Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________SuiteCRM is vulnerable to SQL injection....

TTSPlanning SQL injection | CVE-2023-5300

October 3, 2023

NAME__________TTSPlanning SQL injectionPlatforms Affected:TTSPlanning TTSPlanningRisk Level:6.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________TTSPlanning is vulnerable to SQL injection. A remote authenticated attacker could send specially...

GLPI SQL injection | CVE-2023-42461

September 28, 2023

NAME__________GLPI SQL injectionPlatforms Affected:GLPI GLPIRisk Level:4.9Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________GLPI is vulnerable to SQL injection. A remote authenticated attacker could send specially...

szvone vmqphp SQL injection | CVE-2023-43132

September 27, 2023

NAME__________szvone vmqphp SQL injectionPlatforms Affected:szvone vmqphp 1.13Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________szvone vmqphp is vulnerable to SQL injection. A remote attacker could...

Online Job Portal SQL injection | CVE-2023-43469

September 27, 2023

NAME__________Online Job Portal SQL injectionPlatforms Affected:SourceCodester Online Job Portal 2020Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Online Job Portal is vulnerable to SQL injection....

Online Job Portal SQL injection | CVE-2023-43468

September 27, 2023

Online Voting System SQL injection | CVE-2023-43470

September 27, 2023

NAME__________Online Voting System SQL injectionPlatforms Affected:SourceCodester Online Job Portal 2020Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Online Voting System is vulnerable to SQL injection....

Welcart e-Commerce plugin for WordPress directory traversal | CVE-2023-40532

September 26, 2023

NAME__________Welcart e-Commerce plugin for WordPress directory traversalPlatforms Affected:WordPress Welcart e-Commerce plugin for WordPress 2.8.21 WordPress Welcart e-Commerce plugin for WordPress...

Welcart e-Commerce plugin for WordPress SQL Injection | CVE-2023-43610

September 26, 2023

NAME__________Welcart e-Commerce plugin for WordPress SQL InjectionPlatforms Affected:WordPress Welcart e-Commerce plugin for WordPress 2.8.21 WordPress Welcart e-Commerce plugin for WordPress...

Dreamer CMS SQL injection | CVE-2023-42279

September 23, 2023

NAME__________Dreamer CMS SQL injectionPlatforms Affected:I Teach You Dreamer CMS 4.1.3Risk Level:6.5Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Dreamer CMS is vulnerable to SQL injection. A...

Frappe SQL injection | CVE-2023-42807

September 23, 2023

NAME__________Frappe SQL injectionPlatforms Affected:Frappe Frappe 1.0.0Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Frappe is vulnerable to SQL injection. A remote attacker could send specially...

Hotel Druid SQL injection | CVE-2023-43371

September 23, 2023

NAME__________Hotel Druid SQL injectionPlatforms Affected:HotelDruid HotelDruid 3.0.5Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Hotel Druid is vulnerable to SQL injection. A remote attacker could...

Hotel Druid SQL injection | CVE-2023-43374

September 22, 2023

Progress MOVEit Transfer SQL injection | CVE-2023-40043

September 22, 2023

NAME__________Progress MOVEit Transfer SQL injectionPlatforms Affected:Progress MOVEit Transfer 2018 SP2 (10.2) Progress MOVEit Transfer 2019 (11.0) Progress MOVEit Transfer 2019.1...

Hotel Druid SQL injection | CVE-2023-43373

September 22, 2023

Hotel Druid SQL injection | CVE-2023-43375

September 22, 2023

Data Manipulation

Sourcecodester Best Courier Management System SQL injection | CVE-2023-46005

HP t430 Thin Client and HP t638 Thin Client tampering | CVE-2023-5409

Free Hospital Management System for Small Practices SQL injection | CVE-2023-5587

Apache InLong SQL injection | CVE-2023-43667

LibreNMS SQL injection | CVE-2023-5591

Plixer Scrutinizer information disclosure | CVE-2023-41262

Koha Library Software SQL injection | CVE-2023-44961

Smart School SQL injection | CVE-2023-5495

SuiteCRM SQL injection | CVE-2023-5350

TTSPlanning SQL injection | CVE-2023-5300

GLPI SQL injection | CVE-2023-42461

szvone vmqphp SQL injection | CVE-2023-43132

Online Job Portal SQL injection | CVE-2023-43469

Online Job Portal SQL injection | CVE-2023-43468

Online Voting System SQL injection | CVE-2023-43470

Welcart e-Commerce plugin for WordPress directory traversal | CVE-2023-40532

Welcart e-Commerce plugin for WordPress SQL Injection | CVE-2023-43610

Dreamer CMS SQL injection | CVE-2023-42279

Frappe SQL injection | CVE-2023-42807

Hotel Druid SQL injection | CVE-2023-43371

Hotel Druid SQL injection | CVE-2023-43374

Progress MOVEit Transfer SQL injection | CVE-2023-40043

Hotel Druid SQL injection | CVE-2023-43373

Hotel Druid SQL injection | CVE-2023-43375

CISA: Foreign Threat Actor Conducting Large-Scale Spearphishing Campaign with RDP Attachments

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA: CISA Releases Four Industrial Control Systems Advisories

CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA: Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation

You may have missed