Filtered by CWE-74
Total 1085 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-49328 2 Linux, Wolterskluwer 2 Linux Kernel, B.point 2024-08-02 7.2 High
On a Wolters Kluwer B.POINT 23.70.00 server running Linux on premises, during the authentication phase, a validated system user can achieve remote code execution via Argument Injection in the server-to-server module.
CVE-2023-48835 1 Phpjabbers 1 Car Rental Script 2024-08-02 8.8 High
Car Rental Script v3.0 is vulnerable to CSV Injection via a Language > Labels > Export action.
CVE-2023-48826 1 Phpjabbers 1 Time Slots Booking Calendar 2024-08-02 8.8 High
Time Slots Booking Calendar 4.0 is vulnerable to CSV Injection via the unique ID field of the Reservations List.
CVE-2023-48830 1 Phpjabbers 1 Shuttle Booking Software 2024-08-02 8.8 High
Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export.
CVE-2023-48709 2024-08-02 8 High
iTop is an IT service management platform. When exporting data from backoffice or portal in CSV or Excel files, users' inputs may include malicious formulas that may be imported into Excel. As Excel 2016 does **not** prevent Remote Code Execution by default, uninformed users may become victims. This vulnerability is fixed in 2.7.9, 3.0.4, 3.1.1, and 3.2.0.
CVE-2023-48205 1 Jorani 1 Leave Management System 2024-08-02 5.3 Medium
Jorani Leave Management System 1.0.2 allows a remote attacker to spoof a Host header associated with password reset emails.
CVE-2023-48199 1 Grocy Project 1 Grocy 2024-08-02 7.8 High
HTML Injection vulnerability in the 'manageApiKeys' component in Grocy <= 4.0.3 allows attackers to inject arbitrary HTML content without script execution. This occurs when user-supplied data is not appropriately sanitized, enabling the injection of HTML tags through parameter values. The attacker can then manipulate page content in the QR code detail popup, often coupled with social engineering tactics, exploiting both the trust of users and the application's lack of proper input handling.
CVE-2023-46726 1 Glpi-project 1 Glpi 2024-08-02 7.2 High
GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.11, on PHP 7.4 only, the LDAP server configuration form can be used to execute arbitrary code previously uploaded as a GLPI document. Version 10.0.11 contains a patch for the issue.
CVE-2023-46468 1 Juzaweb 1 Juzaweb Cms 2024-08-02 7.8 High
An issue in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted file to the custom plugin function.
CVE-2023-46456 1 Gl-inet 2 Gl-ar300m, Gl-ar300m Firmware 2024-08-02 9.8 Critical
In GL.iNET GL-AR300M routers with firmware 3.216 it is possible to inject arbitrary shell commands through the OpenVPN client file upload functionality.
CVE-2023-46304 2024-08-02 8.1 High
modules/Users/models/Module.php in Vtiger CRM 7.5.0 allows a remote authenticated attacker to run arbitrary PHP code because an unprotected endpoint allows them to write this code to the config.inc.php file (executed on every page load).
CVE-2023-44109 1 Huawei 2 Emui, Harmonyos 2024-08-02 7.5 High
Clone vulnerability in the huks ta module. Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-39655 1 Perfood 1 Couchauth 2024-08-02 9.6 Critical
A host header injection vulnerability exists in the NPM package @perfood/couch-auth versions <= 0.20.0. By sending a specially crafted host header in the forgot password request, it is possible to send password reset links to users which, once clicked, lead to an attacker-controlled server and thus leak the password reset token. This may allow an attacker to reset other users' passwords and take over their accounts.
CVE-2023-37360 1 Pacparser Project 1 Pacparser 2024-08-02 5.9 Medium
pacparser_find_proxy in Pacparser before 1.4.2 allows JavaScript injection, and possibly privilege escalation, when the attacker controls the URL (which may be realistic within enterprise security products).
CVE-2023-36470 1 Xwiki 1 Xwiki 2024-08-02 10 Critical
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. By either creating a new or editing an existing document with an icon set, an attacker can inject XWiki syntax and Velocity code that is executed with programming rights and thus allows remote code execution. There are different attack vectors; the simplest is the Velocity code in the icon set's HTML or XWiki syntax definition. The [icon picker](https://extensions.xwiki.org/xwiki/bin/view/Extension/Icon%20Theme%20Application#HIconPicker) can be used to trigger the rendering of any icon set. The XWiki syntax variant of the icon set is also used without any escaping in some documents, which allows injecting XWiki syntax, including script macros, into a document that might have programming right; for this, the currently used icon theme needs to be edited. Further, the HTML output of the icon set is output as JSON in the icon picker and this JSON is interpreted as XWiki syntax, again allowing the injection of script macros into a document with programming right and thus remote code execution. This impacts the confidentiality, integrity and availability of the whole XWiki instance. This issue has been patched in XWiki 14.10.6 and 15.1. Icon themes now require script right and the code in the icon theme is executed within the context of the icon theme, preventing any rights escalation. A macro for displaying icons has been introduced to avoid injecting the raw wiki syntax of an icon set into another document. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-36471 1 Xwiki 1 Commons 2024-08-02 9.1 Critical
Xwiki commons is the common modules used by other XWiki top level projects. The HTML sanitizer that is included in XWiki since version 14.6RC1 allowed form and input HTML tags. In the context of XWiki, this allows an attacker without script right to either create forms that can be used for phishing attacks or also in the context of a sheet, the attacker could add an input like `{{html}}<input type="hidden" name="content" value="{{groovy}}println(&quot;Hello from Groovy!&quot;)" />{{/html}}` that would allow remote code execution when it is submitted by an admin (the sheet is rendered as part of the edit form). The attacker would need to ensure that the edit form looks plausible, though, which can be non-trivial as without script right the attacker cannot display the regular content of the document. This has been patched in XWiki 14.10.6 and 15.2RC1 by removing the central form-related tags from the list of allowed tags. Users are advised to upgrade. As a workaround an admin can manually disallow the tags by adding `form, input, select, textarea, button` to the configuration option `xml.htmlElementSanitizer.forbidTags` in the `xwiki.properties` configuration file.
CVE-2023-36469 1 Xwiki 1 Xwiki 2024-08-02 10 Critical
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user who can edit their own user profile and notification settings can execute arbitrary script macros, including Groovy and Python macros, that allow remote code execution including unrestricted read and write access to all wiki contents. This has been patched in XWiki 14.10.6 and 15.2RC1. Users are advised to update. As a workaround, the main security fix can be manually applied by patching the affected document `XWiki.Notifications.Code.NotificationRSSService`. This will break the link to the differences, though, as this requires additional changes to Velocity templates, as shown in the patch. While the default template is available in the instance and can be easily patched, the template for mentions is contained in a `.jar` file and thus cannot be fixed without replacing that jar.
CVE-2023-36188 1 Langchain 1 Langchain 2024-08-02 9.8 Critical
An issue in langchain v.0.0.64 allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method.
CVE-2023-35895 1 Ibm 1 Informix Jdbc 2024-08-02 6.3 Medium
IBM Informix JDBC Driver 4.10 and 4.50 is susceptible to a remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 259116.
CVE-2023-35810 1 Sugarcrm 1 Sugarcrm 2024-08-02 7.2 High
An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. A Second-Order PHP Object Injection vulnerability has been identified in the DocuSign module. By using crafted requests, custom PHP code can be injected and executed through the DocuSign module because of missing input validation. Admin user privileges are required to exploit this vulnerability. Editions other than Enterprise are also affected.