
The latest CVEs

2023-11-23
CVE-2023-4593
Path traversal vulnerability whose exploitation could allow an authenticated remote user to bypass SecurityManager's intended restrictions and list a parent directory via any filename, such as a multiple ..%2F value affecting the 'dodoc' parameter in the /MailAdmin_dll.htm file.
CVE-2023-4594
Stored XSS vulnerability. This vulnerability could allow an attacker to store a malicious JavaScript payload via GET and POST methods on multiple parameters in the MailAdmin_dll.htm file.
CVE-2023-4595
An information exposure vulnerability has been found, the exploitation of which could allow a remote user to retrieve sensitive information stored on the server such as credential files, configuration files, application files, etc., simply by appending any of the following parameters to the end of the URL: %00, %0a, %20, %2a, %a0, %aa, %c0 and %ca.
CVE-2023-28811
There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
CVE-2023-39253
Dell OS Recovery Tool, versions 2.2.4013, 2.3.7012.0, and 2.3.7515.0 contain an Improper Access Control Vulnerability. A local authenticated non-administrator user could potentially exploit this vulnerability, leading to the elevation of privilege on the system.
CVE-2023-43086
Dell Command | Configure, versions prior to 4.11.0, contains an improper access control vulnerability. A local malicious user could potentially modify files inside installation folder during application upgrade, leading to privilege escalation.
CVE-2023-44289
Dell Command | Configure versions prior to 4.11.0, contain an improper access control vulnerability. A local malicious standard user could potentially exploit this vulnerability while repairing/changing installation, leading to privilege escalation.
CVE-2023-44290
Dell Command | Monitor versions prior to 10.10.0, contain an improper access control vulnerability. A local malicious standard user could potentially exploit this vulnerability while repairing/changing installation, leading to privilege escalation.
CVE-2023-28812
A buffer overflow vulnerability in a web browser plug-in could allow an attacker to exploit the vulnerability by sending crafted messages to computers installed with this plug-in, which could lead to arbitrary code execution or cause process exception of the plug-in.
CVE-2023-28813
An attacker could exploit a vulnerability by sending crafted messages to computers installed with this plug-in to modify plug-in parameters, which could cause affected computers to download malicious files.

Dorks

2023-11-29
Low
israel YCMS 4 - Remote File Upload - CSRF / Shell Upload
intext:נבנה ע"י לק"י בניית אתרים
1933 (TURK TM - SS CYBER)
2023-11-27
Med.
osCommerce 4 - Reflected XSS (CVE-2023-6296)
Powered by osCommerce
CraCkEr
2023-11-16
Med.
Chillipages Technologies - Blind Sql Injection
"Site by | Chillipages Technologies"
behrouz mansoori
2023-11-12
Med.
Plesk Obsidian 18.0.56 command injection
intitle:"Plesk Obsidian 18.0.56"
Hamza Anonime
2023-11-08
Med.
Virtual Pages - Sql Injection
"Site by : Virtual Pages"
behrouz mansoori

Copyright 2023, cxsecurity.com