Total: 967 CVEs
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description
---|---|---|---|---|---|---
CVE-2023-46456 | 1 Gl-inet | 2 Gl-ar300m, Gl-ar300m Firmware | 2023-12-14 | N/A | 9.8 CRITICAL | In GL.iNET GL-AR300M routers with firmware 3.216 it is possible to inject arbitrary shell commands through the OpenVPN client file upload functionality.
CVE-2023-43364 | 1 Arjunsharda | 1 Searchor | 2023-12-14 | N/A | 9.8 CRITICAL | main.py in Searchor before 2.4.2 uses eval on CLI input, which may cause unexpected code execution.
CVE-2023-49964 | 1 Hyland | 1 Alfresco Content Services | 2023-12-14 | N/A | 8.8 HIGH | An issue was discovered in Hyland Alfresco Community Edition through 7.2.0. By inserting malicious content in the folder.get.html.ftl file, an attacker may perform SSTI (Server-Side Template Injection) attacks, which can leverage FreeMarker exposed objects to bypass restrictions and achieve RCE (Remote Code Execution). NOTE: this issue exists because of an incomplete fix for CVE-2020-12873.
CVE-2023-6458 | 1 Mattermost | 1 Mattermost Server | 2023-12-12 | N/A | 9.8 CRITICAL | Mattermost webapp fails to validate route parameters in `/<TEAM_NAME>/channels/<CHANNEL_NAME>`, allowing an attacker to perform a client-side path traversal.
CVE-2023-22522 | 1 Atlassian | 2 Confluence Data Center, Confluence Server | 2023-12-11 | N/A | 8.8 HIGH | This Template Injection vulnerability allows an authenticated attacker, including one with anonymous access, to inject unsafe user input into a Confluence page. Using this approach, an attacker is able to achieve Remote Code Execution (RCE) on an affected instance. Publicly accessible Confluence Data Center and Server versions as listed below are at risk and require immediate attention. See the advisory for additional details. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
CVE-2023-48205 | 1 Jorani | 1 Leave Management System | 2023-12-11 | N/A | 5.3 MEDIUM | Jorani Leave Management System 1.0.2 allows a remote attacker to spoof a Host header associated with password reset emails.
CVE-2023-48835 | 1 Phpjabbers | 1 Car Rental Script | 2023-12-10 | N/A | 8.8 HIGH | Car Rental Script v3.0 is vulnerable to CSV Injection via a Language > Labels > Export action.
CVE-2023-5340 | 1 Fivestarplugins | 1 Five Star Restaurant Menu | 2023-12-10 | N/A | 9.8 CRITICAL | The Five Star Restaurant Menu and Food Ordering WordPress plugin before 2.4.11 unserializes user input via an AJAX action available to unauthenticated users, allowing them to perform PHP Object Injection when a suitable gadget is present on the blog.
CVE-2023-48199 | 1 Grocy Project | 1 Grocy | 2023-12-10 | N/A | 7.8 HIGH | HTML Injection vulnerability in the 'manageApiKeys' component in Grocy <= 4.0.3 allows attackers to inject arbitrary HTML content without script execution. This occurs when user-supplied data is not appropriately sanitized, enabling the injection of HTML tags through parameter values. The attacker can then manipulate page content in the QR code detail popup, often coupled with social engineering tactics, exploiting both the trust of users and the application's lack of proper input handling.
CVE-2023-48826 | 1 Phpjabbers | 1 Time Slots Booking Calendar | 2023-12-10 | N/A | 8.8 HIGH | Time Slots Booking Calendar 4.0 is vulnerable to CSV Injection via the unique ID field of the Reservations List.
CVE-2023-35075 | 1 Mattermost | 1 Mattermost | 2023-12-10 | N/A | 5.4 MEDIUM | Mattermost fails to use innerText / textContent when setting the channel name in the webapp during autocomplete, allowing an attacker to inject HTML into a victim's page by creating a channel name that is valid HTML. No XSS is possible, though.
CVE-2023-49214 | 1 Usedesk | 1 Usedesk | 2023-12-10 | N/A | 9.8 CRITICAL | Usedesk before 1.7.57 allows chat template injection.
CVE-2023-48841 | 1 Phpjabbers | 1 Appointment Scheduler | 2023-12-10 | N/A | 8.8 HIGH | Appointment Scheduler 3.0 is vulnerable to CSV Injection via a Language > Labels > Export action.
CVE-2023-48830 | 1 Phpjabbers | 1 Shuttle Booking Software | 2023-12-10 | N/A | 8.8 HIGH | Shuttle Booking Software 2.0 is vulnerable to CSV Injection in the Languages section via an export.
CVE-2023-32786 | 1 Langchain | 1 Langchain | 2023-12-10 | N/A | 7.5 HIGH | In Langchain through 0.0.155, prompt injection allows an attacker to force the service to retrieve data from an arbitrary URL, essentially providing SSRF and potentially injecting content into downstream tasks.
CVE-2023-38060 | 1 Otrs | 1 Otrs | 2023-12-10 | N/A | 8.8 HIGH | Improper Input Validation vulnerability in the ContentType parameter for attachments on TicketCreate or TicketUpdate operations of the OTRS Generic Interface modules allows any authenticated attacker to perform a host header injection for the ContentType header of the attachment. This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34.
CVE-2023-36210 | 1 Motocms | 1 Motocms | 2023-12-10 | N/A | 9.8 CRITICAL | MotoCMS Version 3.4.3 Store Category Template was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the keyword parameter.
CVE-2023-41580 | 1 Phpipam | 1 Phpipam | 2023-12-10 | N/A | 7.5 HIGH | Phpipam before v1.5.2 was discovered to contain an LDAP injection vulnerability via the dname parameter at /users/ad-search-result.php. This vulnerability allows attackers to enumerate arbitrary fields in the LDAP server and access sensitive data via a crafted POST request.
CVE-2023-4478 | 1 Mattermost | 1 Mattermost Server | 2023-12-10 | N/A | 8.2 HIGH | Mattermost fails to restrict which parameters' values it takes from the request during signup, allowing an attacker to register users as inactive, thus blocking them from later accessing Mattermost until the system admin activates their accounts.
CVE-2023-45303 | 1 Thingsboard | 1 Thingsboard | 2023-12-10 | N/A | 8.8 HIGH | ThingsBoard before 3.5 allows Server-Side Template Injection if users are allowed to modify an email template, because Apache FreeMarker supports freemarker.template.utility.Execute (for content sent to the /api/admin/settings endpoint).