Total
232646 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-46751 | 1 Artifex | 1 Ghostscript | 2023-12-09 | N/A | 7.5 HIGH |
An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. | |||||
CVE-2023-46354 | 1 Myprestamodules | 1 Orders \(csv\, Excel\) Export Pro | 2023-12-09 | N/A | 7.5 HIGH |
In the module "Orders (CSV, Excel) Export PRO" (ordersexport) < 5.2.0 from MyPrestaModules for PrestaShop, a guest can download personal information without restriction. Due to a lack of permissions control, a guest can access exports from the module which can lead to a leak of personal information from ps_customer/ps_address tables such as name / surname / email / phone number / full postal address. | |||||
CVE-2023-46353 | 1 Mypresta | 1 Product Tag Icons Pro | 2023-12-09 | N/A | 9.8 CRITICAL |
In the module "Product Tag Icons Pro" (ticons) before 1.8.4 from MyPresta.eu for PrestaShop, a guest can perform SQL injection. The method TiconProduct::getTiconByProductAndTicon() has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection. | |||||
CVE-2023-46974 | 1 Mayurik | 1 Courier Management System | 2023-12-09 | N/A | 5.4 MEDIUM |
Cross Site Scripting vulnerability in Best Courier Management System v.1.000 allows a remote attacker to execute arbitrary code via a crafted payload to the page parameter in the URL. | |||||
CVE-2023-6568 | 1 Lfprojects | 1 Mlflow | 2023-12-09 | N/A | 6.1 MEDIUM |
Cross-site Scripting (XSS) - Reflected in GitHub repository mlflow/mlflow prior to 2.9.0. | |||||
CVE-2023-49397 | 1 Jfinalcms Project | 1 Jfinalcms | 2023-12-09 | N/A | 8.8 HIGH |
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/updateStatus. | |||||
CVE-2023-49373 | 1 Jfinalcms Project | 1 Jfinalcms | 2023-12-09 | N/A | 8.8 HIGH |
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/slide/delete. | |||||
CVE-2023-49398 | 1 Jfinalcms Project | 1 Jfinalcms | 2023-12-09 | N/A | 8.8 HIGH |
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/delete. | |||||
CVE-2023-49396 | 1 Jfinalcms Project | 1 Jfinalcms | 2023-12-09 | N/A | 8.8 HIGH |
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/save. | |||||
CVE-2023-49447 | 1 Jfinalcms Project | 1 Jfinalcms | 2023-12-09 | N/A | 8.8 HIGH |
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/nav/update. | |||||
CVE-2023-49372 | 1 Jfinalcms Project | 1 Jfinalcms | 2023-12-09 | N/A | 8.8 HIGH |
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/save. | |||||
CVE-2023-49379 | 1 Jfinalcms Project | 1 Jfinalcms | 2023-12-09 | N/A | 8.8 HIGH |
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /admin/friend_link/save. | |||||
CVE-2023-49378 | 1 Jfinalcms Project | 1 Jfinalcms | 2023-12-09 | N/A | 8.8 HIGH |
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/form/save. | |||||
CVE-2023-49376 | 1 Jfinalcms Project | 1 Jfinalcms | 2023-12-09 | N/A | 8.8 HIGH |
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/delete. | |||||
CVE-2023-49375 | 1 Jfinalcms Project | 1 Jfinalcms | 2023-12-09 | N/A | 8.8 HIGH |
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/friend_link/update. | |||||
CVE-2023-49377 | 1 Jfinalcms Project | 1 Jfinalcms | 2023-12-09 | N/A | 8.8 HIGH |
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/update. | |||||
CVE-2023-49374 | 1 Jfinalcms Project | 1 Jfinalcms | 2023-12-09 | N/A | 8.8 HIGH |
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/update. | |||||
CVE-2023-49446 | 1 Jfinalcms Project | 1 Jfinalcms | 2023-12-09 | N/A | 8.8 HIGH |
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/nav/save. | |||||
CVE-2023-49395 | 1 Jfinalcms Project | 1 Jfinalcms | 2023-12-09 | N/A | 8.8 HIGH |
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/update. | |||||
CVE-2023-49383 | 1 Jfinalcms Project | 1 Jfinalcms | 2023-12-09 | N/A | 8.8 HIGH |
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/save. |