Search Results (37070 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-48384 1 Armorxgt 1 Spamtrap 2024-11-21 9.8 Critical
ArmorX Global Technology Corporation ArmorX Spam has insufficient validation for user input within a special function. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify and delete database.
CVE-2023-48375 1 Csharp 1 Cws Collaborative Development Platform 2024-11-21 8.8 High
SmartStar Software CWS is a web-based integration platform, it has a vulnerability of missing authorization and users are able to access data or perform actions that they should not be allowed to perform via commands. An authenticated with normal user privilege can execute administrator privilege, resulting in performing arbitrary system operations or disrupting service.
CVE-2023-48372 1 Itpison 1 Omicard Edm 2024-11-21 9.8 Critical
ITPison OMICARD EDM 's SMS-related function has insufficient validation for user input. An unauthenticated remote attacker can exploit this vulnerability to inject arbitrary SQL commands to access, modify and delete database.
CVE-2023-48316 1 Microsoft 1 Azure Rtos Netx Duo 2024-11-21 9.8 Critical
Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause remote code execution due to memory overflow vulnerabilities in Azure RTOS NETX Duo. The affected components include processes/functions related to snmp, smtp, ftp and dtls in RTOS v6.2.1 and below. The fixes have been included in NetX Duo release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-48309 1 Nextauth.js 1 Next-auth 2024-11-21 5.3 Medium
NextAuth.js provides authentication for Next.js. `next-auth` applications prior to version 4.24.5 that rely on the default Middleware authorization are affected by a vulnerability. A bad actor could create an empty/mock user, by getting hold of a NextAuth.js-issued JWT from an interrupted OAuth sign-in flow (state, PKCE or nonce). Manually overriding the `next-auth.session-token` cookie value with this non-related JWT would let the user simulate a logged in user, albeit having no user information associated with it. (The only property on this user is an opaque randomly generated string). This vulnerability does not give access to other users' data, neither to resources that require proper authorization via scopes or other means. The created mock user has no information associated with it (ie. no name, email, access_token, etc.) This vulnerability can be exploited by bad actors to peek at logged in user states (e.g. dashboard layout). `next-auth` `v4.24.5` contains a patch for the vulnerability. As a workaround, using a custom authorization callback for Middleware, developers can manually do a basic authentication.
CVE-2023-48227 1 Umbraco 1 Umbraco Cms 2024-11-21 4.3 Medium
Umbraco is an ASP.NET content management system (CMS). Starting in version 8.0.0 and prior to versions 8.18.10, 10.7.0, and 12.3.0, Backoffice users with send for approval permission but not publish permission are able to publish in some scenarios. Versions 8.18.10, 10.7.0, and 12.3.0 contains a patch for this issue. No known workarounds are available.
CVE-2023-48222 1 Pagerduty 1 Rundeck 2024-11-21 8.1 High
Rundeck is an open source automation service with a web console, command line tools and a WebAPI. In affected versions access to two URLs used in both Rundeck Open Source and Process Automation products could allow authenticated users to access the URL path, which would allow access to view or delete jobs, without the necessary authorization checks. This issue has been addressed in version 4.17.3. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-48218 1 Strapi 1 Protected Populate 2024-11-21 5.3 Medium
The Strapi Protected Populate Plugin protects `get` endpoints from revealing too much information. Prior to version 1.3.4, users were able to bypass the field level security. Users who tried to populate something that they didn't have access to could populate those fields anyway. This issue has been patched in version 1.3.4. There are no known workarounds.
CVE-2023-48188 1 Store-opart 1 Op\'art Devis 2024-11-21 9.8 Critical
SQL injection vulnerability in PrestaShop opartdevis v.4.5.18 thru v.4.6.12 allows a remote attacker to execute arbitrary code via a crafted script to the getModuleTranslation function.
CVE-2023-48084 1 Nagios 1 Nagios Xi 2024-11-21 9.8 Critical
Nagios XI before version 5.11.3 was discovered to contain a SQL injection vulnerability via the bulk modification tool.
CVE-2023-48078 1 Code-projects 1 Simple Crud Functionality 2024-11-21 9.8 Critical
SQL Injection vulnerability in add.php in Simple CRUD Functionality v1.0 allows attackers to run arbitrary SQL commands via the 'title' parameter.
CVE-2023-48050 2 Camsbiometrics, Odoo 2 Zkteco\, Essl\, Cams Biometrics Integration Module, Biometric Attendance 2024-11-21 9.8 Critical
SQL injection vulnerability in Cams Biometrics Zkteco, eSSL, Cams Biometrics Integration Module with HR Attendance (aka odoo-biometric-attendance) v. 13.0 through 16.0.1 allows a remote attacker to execute arbitrary code and to gain privileges via the db parameter in the controllers/controllers.py component.
CVE-2023-48049 1 Cybrosys 1 Website Blog Search 2024-11-21 9.8 Critical
A SQL injection vulnerability in Cybrosys Techno Solutions Website Blog Search (aka website_search_blog) v. 13.0 through 13.0.1.0.1 allows a remote attacker to execute arbitrary code and to gain privileges via the name parameter in controllers/main.py component.
CVE-2023-48016 1 Phpgurukul 1 Restaurant Table Booking System 2024-11-21 7.5 High
Restaurant Table Booking System V1.0 is vulnerable to SQL Injection in rtbs/admin/index.php via the username parameter.
CVE-2023-47990 1 Cuppacms 1 Cuppacms 2024-11-21 9.8 Critical
SQL Injection vulnerability in components/table_manager/html/edit_admin_table.php in CuppaCMS V1.0 allows attackers to run arbitrary SQL commands via the table parameter.
CVE-2023-47637 1 Pimcore 1 Pimcore 2024-11-21 8.8 High
Pimcore is an Open Source Data & Experience Management Platform. In affected versions the `/admin/object/grid-proxy` endpoint calls `getFilterCondition()` on fields of classes to be filtered for, passing input from the request, and later executes the returned SQL. One implementation of `getFilterCondition()` is in `Multiselect`, which does not normalize/escape/validate the passed value. Any backend user with very basic permissions can execute arbitrary SQL statements and thus alter any data or escalate their privileges to at least admin level. This vulnerability has been addressed in version 11.1.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-47582 1 Fujielectric 2 Tellus, Tellus Lite 2024-11-21 7.8 High
Access of uninitialized pointer vulnerability exists in TELLUS V4.0.17.0 and earlier and TELLUS Lite V4.0.17.0 and earlier. If a user opens a specially crafted file (X1, V8, or V9 file), information may be disclosed and/or arbitrary code may be executed.
CVE-2023-47568 1 Qnap 3 Qts, Quts Hero, Qutscloud 2024-11-21 8.8 High
A SQL injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later
CVE-2023-47445 1 Phpgurukul 1 Pre-school Enrollment System 2024-11-21 9.8 Critical
Pre-School Enrollment version 1.0 is vulnerable to SQL Injection via the username parameter in preschool/admin/ page.
CVE-2023-47308 1 Activedesign 1 Newsletterpop 2024-11-21 9.8 Critical
In the module "Newsletter Popup PRO with Voucher/Coupon code" (newsletterpop) before version 2.6.1 from Active Design for PrestaShop, a guest can perform SQL injection in affected versions. The method `NewsletterpopsendVerificationModuleFrontController::checkEmailSubscription()` has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection.