
Pacsrapor cross-site scripting | CVE-2023-1153

NAME: Pacsrapor cross-site scripting
Platforms Affected: Pacsrapor Pacsrapor 1.22
Risk Level: 6.5
Exploitability: High
Consequences: Data Manipulation
DESCRIPTION: Pacsrapor is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add,…

Pacsrapor cross-site scripting | CVE-2023-1154

NAME: Pacsrapor cross-site scripting
Platforms Affected: Pacsrapor Pacsrapor 1.22
Risk Level: 6.1
Exploitability: High
Consequences: Cross-Site Scripting
DESCRIPTION: Pacsrapor is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a…

Prestashop tshirtecommerce SQL injection | CVE-2023-27637

NAME: Prestashop tshirtecommerce SQL injection
Platforms Affected: Paradox IPR512
Risk Level: 6.5
Exploitability: High
Consequences: Data Manipulation
DESCRIPTION: Prestashop tshirtecommerce module is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to designer.php script using the product_id…

Minio information disclosure | CVE-2023-28432

NAME: Minio information disclosure
Platforms Affected:
Risk Level: 7.5
Exploitability: Unproven
Consequences: Obtain Information
DESCRIPTION: Minio could allow a remote attacker to obtain sensitive information, caused by a flaw in the cluster deployment implementation. By sending a specially-crafted request,…

NextCloud Server brute force | CVE-2023-25820

NAME: NextCloud Server brute force
Platforms Affected:
Risk Level: 4.2
Exploitability: Unproven
Consequences: Gain Access
DESCRIPTION: NextCloud Server is vulnerable to a brute force attack, caused by improper restriction of excessive authentication attempts by the password confirmation modal. By…

Pimcore directory traversal | CVE-2023-28438

NAME: Pimcore directory traversal
Platforms Affected:
Risk Level: 6.2
Exploitability: Unproven
Consequences: Obtain Information
DESCRIPTION: Pimcore could allow a remote authenticated attacker to traverse directories on the system, caused by improper validation of user requests by the GET method.…