Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2023-01-28
Low
High
Med.
Med.
2023-01-26
Med.
2023-01-24
Low
High
Low
2023-01-23
Med.
Low
Low
Med.
High

The latest CVEs

2023-01-30
CVE-2022-2988
A CWE-787: Out-of-bounds Write vulnerability exists that could cause sensitive information leakage when accessing a malicious web page from the commissioning software. Affected Products: SoMachine HVAC(V2.1.0 and prior), EcoStruxure Machine Expert ?? HVAC(V1.4.0 and prior).
CVE-2022-38451
A directory traversal vulnerability exists in the httpd update.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2022-42484
An OS command injection vulnerability exists in the httpd logs/view.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2023-22322
Improper restriction of XML external entity reference (XXE) vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed.
CVE-2023-22324
SQL injection vulnerability in the CONPROSYS HMI System (CHS) Ver.3.5.0 and earlier allows a remote authenticated attacker to execute an arbitrary SQL command. As a result, information stored in the database may be obtained.
CVE-2023-22332
Information disclosure vulnerability exists in Pgpool-II 4.4.0 to 4.4.1 (4.4 series), 4.3.0 to 4.3.4 (4.3 series), 4.2.0 to 4.2.11 (4.2 series), 4.1.0 to 4.1.14 (4.1 series), 4.0.0 to 4.0.21 (4.0 series), All versions of 3.7 series, All versions of 3.6 series, All versions of 3.5 series, All versions of 3.4 series, and All versions of 3.3 series. A...
CVE-2023-22333
Cross-site scripting vulnerability in EasyMail 2.00.130 and earlier allows a remote unauthenticated attacker to inject an arbitrary script.
CVE-2022-46356
Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure.
CVE-2022-46357
Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure.
CVE-2022-46358
Potential vulnerabilities have been identified in HP Security Manager which may allow escalation of privilege, arbitrary code execution, and information disclosure.

Dorks

2023-01-23
Med.
Website by MSBu.de - Sql Injection Vulnerability
"Website by MSBu.de"
behrouz mansoori
2023-01-09
Med.
Stealth Media Ltd - Sql Injection Vulnerability
"Website Designed & Developed By Stealth Media Ltd."
behrouz mansoori
2023-01-06
High
SDM-Downloads 9.3.15 Privilege Escalation Arbritrary File Upload
inurl:/sdm-downloads/
Luth1er
Low
Wordpress Dsp Dating Csrf FIle Upload( Multiple CVE )
inurl:wp-content/plugins/dsp_dating
UnM@SK
2022-12-20
High
Textpattern 4.8.8 - Remote Code Execution (RCE) (Authenticated)
intext:"Published with Textpattern CMS"
Alperen Ergel

Copyright 2023, cxsecurity.com

 

Back to Top