• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2023-0943
Best Pos Management System Project
Best_pos_management_system
2023-02-22
N/A
N/A
A vulnerability, which was classified as problematic, has been found in SourceCodester Best POS Management System 1.0. This issue affects some unknown processing of the file index.php?page=site_settings of the component Image Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-221591.
CVE-2023-0942
2023-02-22
N/A
N/A
The Japanized For WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tab’ parameter in versions up to, and including, 2.5.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
CVE-2023-0938
Music Gallery Site Project
Music_gallery_site
2023-02-21
N/A
N/A
A vulnerability classified as critical has been found in SourceCodester Music Gallery Site 1.0. This affects an unknown part of the file music_list.php of the component GET Request Handler. The manipulation of the argument cid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221553 was assigned to this vulnerability.
CVE-2023-0936
Tp-link
M7350_firmware, M7350, Tl-wr840n_firmware, Tl-wr840n, Archer_c3200_v1_firmware, Archer_c3200_v1, Archer_c2_v1_firmware, Archer_c2_v1, Archer_c1200_firmware, Archer_c1200
2023-02-21
N/A
N/A
A vulnerability was found in TP-Link Archer C50 V2_160801. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Web Management Interface. The manipulation leads to denial of service. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221552.
CVE-2023-0935
Dolphinphp Project
Dolphinphp
2023-02-21
N/A
N/A
A vulnerability was found in DolphinPHP up to 1.5.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file common.php of the component Incomplete Fix CVE-2021-46097. The manipulation of the argument id leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221551.
CVE-2023-0934
Answer
2023-02-21
N/A
N/A
Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.5.
CVE-2023-0919
Kavitareader
Kavita
2023-02-21
N/A
N/A
Missing Authentication for Critical Function in GitHub repository kareadita/kavita prior to 0.7.0.
CVE-2023-0918
Pharmacy Management System Project
Pharmacy_management_system
2023-02-21
N/A
N/A
A vulnerability has been found in codeprojects Pharmacy Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file add.php of the component Avatar Image Handler. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-221494 is the identifier assigned to this vulnerability.
CVE-2023-0917
Simple Customer Relationship Management System Project
Simple_customer_relationship_management_system
2023-02-21
N/A
N/A
A vulnerability, which was classified as critical, was found in SourceCodester Simple Customer Relationship Management System 1.0. This affects an unknown part of the file /php-scrm/login.php. The manipulation of the argument Password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221493 was assigned to this vulnerability.
CVE-2023-0916
Auto Dealer Management System Project
Auto_dealer_management_system
2023-02-21
N/A
N/A
A vulnerability classified as critical was found in SourceCodester Auto Dealer Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /adms/classes/Users.php. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221491.
« Previous 1 … 11,206 11,207 11,208 11,209 11,210 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE