Vulnerabilities (CVE)

Total 232646 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-46751 1 Artifex 1 Ghostscript 2023-12-09 N/A 7.5 HIGH
An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer.
CVE-2023-46354 1 Myprestamodules 1 Orders \(csv\, Excel\) Export Pro 2023-12-09 N/A 7.5 HIGH
In the module "Orders (CSV, Excel) Export PRO" (ordersexport) < 5.2.0 from MyPrestaModules for PrestaShop, a guest can download personal information without restriction. Due to a lack of permissions control, a guest can access exports from the module which can lead to a leak of personal information from ps_customer/ps_address tables such as name / surname / email / phone number / full postal address.
CVE-2023-46353 1 Mypresta 1 Product Tag Icons Pro 2023-12-09 N/A 9.8 CRITICAL
In the module "Product Tag Icons Pro" (ticons) before 1.8.4 from MyPresta.eu for PrestaShop, a guest can perform SQL injection. The method TiconProduct::getTiconByProductAndTicon() has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection.
CVE-2023-46974 1 Mayurik 1 Courier Management System 2023-12-09 N/A 5.4 MEDIUM
Cross Site Scripting vulnerability in Best Courier Management System v.1.000 allows a remote attacker to execute arbitrary code via a crafted payload to the page parameter in the URL.
CVE-2023-6568 1 Lfprojects 1 Mlflow 2023-12-09 N/A 6.1 MEDIUM
Cross-site Scripting (XSS) - Reflected in GitHub repository mlflow/mlflow prior to 2.9.0.
CVE-2023-49397 1 Jfinalcms Project 1 Jfinalcms 2023-12-09 N/A 8.8 HIGH
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/updateStatus.
CVE-2023-49373 1 Jfinalcms Project 1 Jfinalcms 2023-12-09 N/A 8.8 HIGH
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/slide/delete.
CVE-2023-49398 1 Jfinalcms Project 1 Jfinalcms 2023-12-09 N/A 8.8 HIGH
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/delete.
CVE-2023-49396 1 Jfinalcms Project 1 Jfinalcms 2023-12-09 N/A 8.8 HIGH
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/save.
CVE-2023-49447 1 Jfinalcms Project 1 Jfinalcms 2023-12-09 N/A 8.8 HIGH
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/nav/update.
CVE-2023-49372 1 Jfinalcms Project 1 Jfinalcms 2023-12-09 N/A 8.8 HIGH
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/save.
CVE-2023-49379 1 Jfinalcms Project 1 Jfinalcms 2023-12-09 N/A 8.8 HIGH
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /admin/friend_link/save.
CVE-2023-49378 1 Jfinalcms Project 1 Jfinalcms 2023-12-09 N/A 8.8 HIGH
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/form/save.
CVE-2023-49376 1 Jfinalcms Project 1 Jfinalcms 2023-12-09 N/A 8.8 HIGH
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/delete.
CVE-2023-49375 1 Jfinalcms Project 1 Jfinalcms 2023-12-09 N/A 8.8 HIGH
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/friend_link/update.
CVE-2023-49377 1 Jfinalcms Project 1 Jfinalcms 2023-12-09 N/A 8.8 HIGH
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/update.
CVE-2023-49374 1 Jfinalcms Project 1 Jfinalcms 2023-12-09 N/A 8.8 HIGH
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/update.
CVE-2023-49446 1 Jfinalcms Project 1 Jfinalcms 2023-12-09 N/A 8.8 HIGH
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/nav/save.
CVE-2023-49395 1 Jfinalcms Project 1 Jfinalcms 2023-12-09 N/A 8.8 HIGH
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/update.
CVE-2023-49383 1 Jfinalcms Project 1 Jfinalcms 2023-12-09 N/A 8.8 HIGH
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/save.