Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2023-02-01
Low
Low
Med.
Med.
Med.
2023-01-30
High
Low
Low
Med.
2023-01-28
Low
High
Med.
Med.

The latest CVEs

2023-02-02
CVE-2023-23119
The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update makes Ubiquiti airFiber AF2X Radio firmware version 3.2.2 and earlier vulnerable to firmware modification attacks. An attacker can conduct a man-in-the-middle (MITM) attack to modify the new firmware image and bypass the checksum verification.
CVE-2023-23120
The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update makes TRENDnet TV-IP651WI Network Camera firmware version v1.07.01 and earlier vulnerable to firmware modification attacks. An attacker can conduct a man-in-the-middle (MITM) attack to modify the new firmware image and bypass the checksum verification.
CVE-2023-0646
A vulnerability classified as critical was found in dst-admin 1.5.0. Affected by this vulnerability is an unknown functionality of the file /home/cavesConsole. The manipulation of the argument command leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-220...
CVE-2023-0647
A vulnerability, which was classified as critical, has been found in dst-admin 1.5.0. Affected by this issue is some unknown functionality of the file /home/kickPlayer. The manipulation of the argument userId leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-220034 is ...
CVE-2023-0648
A vulnerability, which was classified as critical, was found in dst-admin 1.5.0. This affects an unknown part of the file /home/masterConsole. The manipulation of the argument command leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of...
CVE-2023-0649
A vulnerability has been found in dst-admin 1.5.0 and classified as critical. This vulnerability affects unknown code of the file /home/sendBroadcast. The manipulation of the argument message leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnera...
CVE-2023-0650
A vulnerability was found in YAFNET up to 3.1.11 and classified as problematic. This issue affects some unknown processing of the component Signature Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.12 is able to addr...
CVE-2023-23110
An exploitable firmware modification vulnerability was discovered in WNR612v2 Wireless Routers firmware version 1.0.0.3 and earlier. The data integrity of the uploaded firmware image is ensured with a fixed checksum number. Therefore, an attacker can conduct a MITM attack to modify the user-uploaded firmware image and bypass the checksum verificati...
CVE-2023-0651
A vulnerability was found in FastCMS 0.1.0. It has been classified as critical. Affected is an unknown function of the component Template Management. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-220038 is the identifier assigned to this...
CVE-2022-46552
D-Link DIR-846 Firmware FW100A53DBR was discovered to contain a remote command execution (RCE) vulnerability via the lan(0)_dhcps_staticlist parameter. This vulnerability is exploited via a crafted POST request.

Dorks

2023-01-30
High
Powered By dokumenary.net Remote Code Execution( Multiple CVE )
intext:dokumenary.net All rights reserved.
UnM@SK
2023-01-23
Med.
Website by MSBu.de - Sql Injection Vulnerability
"Website by MSBu.de"
behrouz mansoori
2023-01-09
Med.
Stealth Media Ltd - Sql Injection Vulnerability
"Website Designed & Developed By Stealth Media Ltd."
behrouz mansoori
2023-01-06
High
SDM-Downloads 9.3.15 Privilege Escalation Arbritrary File Upload
inurl:/sdm-downloads/
Luth1er
Low
Wordpress Dsp Dating Csrf FIle Upload( Multiple CVE )
inurl:wp-content/plugins/dsp_dating
UnM@SK

Copyright 2023, cxsecurity.com

 

Back to Top