Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2023-01-30
High
Low
Low
Med.
2023-01-28
Low
High
Med.
Med.
2023-01-26
Med.
2023-01-24
Low
High
Low
2023-01-23
Med.

The latest CVEs

2023-02-01
CVE-2022-32984
BTCPay Server 1.3.0 through 1.5.3 allows a remote attacker to obtain sensitive information when a public Point of Sale app is exposed. The sensitive information, found in the HTML source code, includes the xpub of the store. Also, if the store isn't using the internal lightning node, the credentials of a lightning node are exposed.
CVE-2022-37708
Docker version 20.10.15, build fd82621 is vulnerable to Insecure Permissions. Unauthorized users outside the Docker container can access any files within the Docker container.
CVE-2022-45297
EQ v1.5.31 to v2.2.0 was discovered to contain a SQL injection vulnerability via the UserPwd parameter.
CVE-2022-45494
Buffer overflow vulnerability in function json_parse_object in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 (November 14, 2022) allows attackers to code arbitrary code and gain escalated privileges.
2023-01-31
CVE-2016-15023
A vulnerability, which was classified as problematic, was found in SiteFusion Application Server up to 6.6.6. This affects an unknown part of the file getextension.php of the component Extension Handler. The manipulation leads to path traversal. Upgrading to version 6.6.7 is able to address this issue. The name of the patch is 49fff155c303d6cd06ce8...
CVE-2023-22610
A CWE-285: Improper Authorization vulnerability exists that could cause Denial of Service against the Geo SCADA server when specific messages are sent to the server over the database server TCP port. Affected Products: EcoStruxure?? Geo SCADA Expert 2019, EcoStruxure?? Geo SCADA Expert 2020, EcoStruxure?? Geo SCADA Expert 2021 (All versions prior t...
CVE-2023-22611
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure when specific messages are sent to the server over the database server TCP port. Affected Products: EcoStruxure?? Geo SCADA Expert 2019, EcoStruxure?? Geo SCADA Expert 2020, EcoStruxure?? Geo SCADA Expert 2021 (All vers...
CVE-2022-45172
An issue was discovered in LIVEBOX Collaboration vDesk before v018. Broken Access Control can occur under the /api/v1/registration/validateEmail endpoint, the /api/v1/vdeskintegration/user/adduser endpoint, and the /api/v1/registration/changePasswordUser endpoint. The web application is affected by flaws in authorization logic, through which a mali...
CVE-2022-47697
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 and before is vulnerable to Account takeover. Anyone can reset the password of the admin accounts.
CVE-2022-47698
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1 is vulnerable to Cross Site Scripting (XSS) via the URL filtering feature in the router.

Dorks

2023-01-30
High
Powered By dokumenary.net Remote Code Execution( Multiple CVE )
intext:dokumenary.net All rights reserved.
UnM@SK
2023-01-23
Med.
Website by MSBu.de - Sql Injection Vulnerability
"Website by MSBu.de"
behrouz mansoori
2023-01-09
Med.
Stealth Media Ltd - Sql Injection Vulnerability
"Website Designed & Developed By Stealth Media Ltd."
behrouz mansoori
2023-01-06
High
SDM-Downloads 9.3.15 Privilege Escalation Arbritrary File Upload
inurl:/sdm-downloads/
Luth1er
Low
Wordpress Dsp Dating Csrf FIle Upload( Multiple CVE )
inurl:wp-content/plugins/dsp_dating
UnM@SK

Copyright 2023, cxsecurity.com

 

Back to Top