Search Results (364926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-43278 1 Seacms 1 Seacms 2024-11-21 8.8 High
A Cross-Site Request Forgery (CSRF) in admin_manager.php of Seacms up to v12.8 allows attackers to arbitrarily add an admin account.
CVE-2023-43275 1 Dedecms 1 Dedecms 2024-11-21 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in DedeCMS v5.7 in 110 backend management interface via /catalog_add.php, allows attackers to create crafted web pages due to a lack of verification of the token value of the submitted form.
CVE-2023-43274 1 Phpjabbers 1 Php Shopping Cart 2024-11-21 7.5 High
Phpjabbers PHP Shopping Cart 4.2 is vulnerable to SQL Injection via the id parameter.
CVE-2023-43271 1 70mai 2 A500s, A500s Firmware 2024-11-21 9.1 Critical
Incorrect access control in 70mai a500s v1.2.119 allows attackers to directly access and delete the video files of the driving recorder through ftp and other protocols.
CVE-2023-43270 1 Dst-admin Project 1 Dst-admin 2024-11-21 9.8 Critical
dst-admin v1.5.0 was discovered to contain a remote command execution (RCE) vulnerability via the userId parameter at /home/playerOperate.
CVE-2023-43269 1 Pigcms 1 Pigcms 2024-11-21 9.8 Critical
pigcms up to 7.0 was discovered to contain an arbitrary file upload vulnerability.
CVE-2023-43268 1 Deyue Remote Vehicle Management System Project 1 Deyue Remote Vehicle Management System 2024-11-21 8.8 High
Deyue Remote Vehicle Management System v1.1 was discovered to contain a deserialization vulnerability.
CVE-2023-43267 1 Emlog 1 Emlog 2024-11-21 5.4 Medium
A cross-site scripting (XSS) vulnerability in the publish article function of emlog pro v2.1.14 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title field.
CVE-2023-43263 1 Froala 1 Froala Editor 2024-11-21 6.1 Medium
A Cross-site scripting (XSS) vulnerability in Froala Editor v.4.1.1 allows attackers to execute arbitrary code via the Markdown component.
CVE-2023-43260 1 Milesight 15 Ur32, Ur32 Firmware, Ur32l and 12 more 2024-11-21 6.1 Medium
Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel.
CVE-2023-43256 1 Gladysassistant 1 Gladys Assistant 2024-11-21 6.5 Medium
A path traversal in Gladys Assistant v4.26.1 and below allows authenticated attackers to extract sensitive files in the host machine by exploiting a non-sanitized user input.
CVE-2023-43252 1 Xnview 1 Nconvert 2024-11-21 7.8 High
XNSoft Nconvert 7.136 is vulnerable to Buffer Overflow via a crafted image file.
CVE-2023-43251 1 Xnview 1 Nconvert 2024-11-21 7.8 High
XNSoft Nconvert 7.136 has an Exception Handler Chain Corrupted via a crafted image file. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.
CVE-2023-43250 1 Xnview 1 Nconvert 2024-11-21 7.8 High
XNSoft Nconvert 7.136 is vulnerable to Buffer Overflow. There is a User Mode Write AV via a crafted image file. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution.
CVE-2023-43242 1 Dlink 3 Dir-816 A2 Firmware, Dir-816a2, Dir-816a2 Firmware 2024-11-21 8.8 High
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter removeRuleList in form2IPQoSTcDel.
CVE-2023-43241 2 D-link, Dlink 3 Dir-823g, Dir-823g, Dir-823g Firmware 2024-11-21 9.8 Critical
D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter TXPower and GuardInt in SetWLanRadioSecurity.
CVE-2023-43240 2 D-link, Dlink 3 Dir-816 A2, Dir-816 A2, Dir-816 A2 Firmware 2024-11-21 9.8 Critical
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter sip_address in ipportFilter.
CVE-2023-43239 1 Dlink 2 Dir-816 A2, Dir-816 A2 Firmware 2024-11-21 8.8 High
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter flag_5G in showMACfilterMAC.
CVE-2023-43238 1 Dlink 2 Dir-816 A2, Dir-816 A2 Firmware 2024-11-21 8.8 High
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter nvmacaddr in form2Dhcpip.cgi.
CVE-2023-43237 1 Dlink 2 Dir-816 A2, Dir-816 A2 Firmware 2024-11-21 8.8 High
D-Link DIR-816 A2 v1.10CNB05 was discovered to contain a stack overflow via parameter macCloneMac in setMAC.