CVE

Click to Call or Chat Buttons Plugin for WordPress cross-site scripting | CVE-2023-25710

April 29, 2023

NAME__________Click to Call or Chat Buttons Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Click to Call or Chat Buttons Plugin for...

Faculty Evaluation System SQL injection | CVE-2023-2369

April 29, 2023

NAME__________Faculty Evaluation System SQL injectionPlatforms Affected:Risk Level:4.7Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Faculty Evaluation System is vulnerable to SQL injection. A remote authenticated attacker...

Link Juice Keeper Plugin for WordPress cross-site scripting | CVE-2023-25793

April 29, 2023

NAME__________Link Juice Keeper Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Link Juice Keeper Plugin for WordPress 2.0.2Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Link Juice...

Faculty Evaluation System SQL injection | CVE-2023-2368

April 29, 2023

Faculty Evaluation System SQL injection | CVE-2023-2367

April 29, 2023

Regina Lite Theme for WordPress cross-site scripting | CVE-2023-27619

April 29, 2023

NAME__________Regina Lite Theme for WordPress cross-site scriptingPlatforms Affected:WordPress Regina Lite Theme for WordPress 2.0.7Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Regina Lite Theme for...

Simple Yearly Archive Plugin for WordPress cross-site scripting | CVE-2023-25484

April 29, 2023

NAME__________Simple Yearly Archive Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Simple Yearly Archive Plugin for WordPress 2.1.8Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Simple Yearly...

IBM WebSphere Application Server cross-site scripting | CVE-2023-24966

April 29, 2023

NAME__________IBM WebSphere Application Server cross-site scriptingPlatforms Affected:IBM WebSphere Application Server 8.5 IBM WebSphere Application Server 9.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________IBM WebSphere...

Linux Kernel unspecified | CVE-2023-31436

April 29, 2023

NAME__________Linux Kernel unspecifiedPlatforms Affected:Linux Kernel 6.2.12Risk Level:5.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________An out-of-bounds write in qfq_change_class in net/sched/sch_qfq.c in Linux Kernel could allow...

42Gears Surelock for Windows information disclosure | CVE-2023-2335

April 29, 2023

NAME__________42Gears Surelock for Windows information disclosurePlatforms Affected:42Gears Surelock for Windows 2.3.12 42Gears Surelock for Windows 2.40.0Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________42Gears Surelock...

Exelysis Unified Communication Solutions cross-site scripting | CVE-2023-29836

April 29, 2023

NAME__________Exelysis Unified Communication Solutions cross-site scriptingPlatforms Affected:Exelysis Exelysis 1.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Exelysis Unified Communication Solutions is vulnerable to cross-site scripting,...

42Gears Surelock for Windows code execution | CVE-2023-2331

April 29, 2023

NAME__________42Gears Surelock for Windows code executionPlatforms Affected:42Gears Surelock for Windows 2.3.12 42Gears Surelock for Windows 2.40.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________42Gears Surelock...

ChurchCRM cross-site request forgery | CVE-2023-26841

April 29, 2023

NAME__________ChurchCRM cross-site request forgeryPlatforms Affected:Risk Level:6.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________ChurchCRM is vulnerable to cross-site request forgery, caused by improper validation of user-supplied...

Resort Reservation System SQL injection | CVE-2023-2363

April 29, 2023

NAME__________Resort Reservation System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Resort Reservation System is vulnerable to SQL injection. A remote authenticated attacker...

Resort Reservation System cross-site scripting | CVE-2023-2364

April 29, 2023

NAME__________Resort Reservation System cross-site scriptingPlatforms Affected:Risk Level:4.3Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Resort Reservation System is vulnerable to cross-site scripting, caused by improper validation...

Faculty Evaluation System SQL injection | CVE-2023-2365

April 29, 2023

NAME__________Faculty Evaluation System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Faculty Evaluation System is vulnerable to SQL injection. A remote authenticated attacker...

Faculty Evaluation System SQL injection | CVE-2023-2366

April 29, 2023

IBM Safter Payments information disclosure | CVE-2023-27557

April 28, 2023

NAME__________IBM Safter Payments information disclosurePlatforms Affected:IBM Safer Payments 6.1.0.00 IBM Safer Payments 6.2.0.00 IBM Safer Payments 6.3.0.00 IBM Safer Payments...

IBM Safer Payments denial of service | CVE-2023-27556

April 28, 2023

NAME__________IBM Safer Payments denial of servicePlatforms Affected:IBM Safer Payments 6.1.0.00 IBM Safer Payments 6.2.0.00 IBM Safer Payments 6.3.0.00 IBM Safer...

Prestashop information disclosure | CVE-2023-30545

April 28, 2023

NAME__________Prestashop information disclosurePlatforms Affected:PrestaShop PrestaShop 1.7.8.7 PrestaShop askforaquote module for PrestaShop 5.4.2Risk Level:7.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Prestashop could allow a remote attacker...

IBM Maximo Asset Management information disclosure | CVE-2023-27860

April 28, 2023

NAME__________IBM Maximo Asset Management information disclosurePlatforms Affected:IBM Maximo Asset Management 7.6.1.2 IBM Maximo Asset Management 7.6.1.3Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________IBM Maximo...

Podlove Subscribe button Plugin for WordPress cross-site scripting | CVE-2023-25479

April 28, 2023

NAME__________Podlove Subscribe button Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Podlove Subscribe button plugin for WordPress 1.3.7Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Podlove Subscribe...

IBM DB2 for Linux, UNIX and Windows denial of service | CVE-2023-29255

April 28, 2023

NAME__________IBM DB2 for Linux, UNIX and Windows denial of servicePlatforms Affected:IBM DB2 for Linux UNIX and Windows 10.5 IBM DB2...

IBM Safer Payments denial of service | CVE-2020-4729

April 28, 2023

NAME__________IBM Safer Payments denial of servicePlatforms Affected:IBM Safer Payments 6.1.0.00 IBM Safer Payments 6.2.0.00 IBM Safer Payments 5.7.0.00 IBM Safer...

CVE

Click to Call or Chat Buttons Plugin for WordPress cross-site scripting | CVE-2023-25710

Faculty Evaluation System SQL injection | CVE-2023-2369

Link Juice Keeper Plugin for WordPress cross-site scripting | CVE-2023-25793

Faculty Evaluation System SQL injection | CVE-2023-2368

Faculty Evaluation System SQL injection | CVE-2023-2367

Regina Lite Theme for WordPress cross-site scripting | CVE-2023-27619

Simple Yearly Archive Plugin for WordPress cross-site scripting | CVE-2023-25484

IBM WebSphere Application Server cross-site scripting | CVE-2023-24966

Linux Kernel unspecified | CVE-2023-31436

42Gears Surelock for Windows information disclosure | CVE-2023-2335

Exelysis Unified Communication Solutions cross-site scripting | CVE-2023-29836

42Gears Surelock for Windows code execution | CVE-2023-2331

ChurchCRM cross-site request forgery | CVE-2023-26841

Resort Reservation System SQL injection | CVE-2023-2363

Resort Reservation System cross-site scripting | CVE-2023-2364

Faculty Evaluation System SQL injection | CVE-2023-2365

Faculty Evaluation System SQL injection | CVE-2023-2366

IBM Safter Payments information disclosure | CVE-2023-27557

IBM Safer Payments denial of service | CVE-2023-27556

Prestashop information disclosure | CVE-2023-30545

IBM Maximo Asset Management information disclosure | CVE-2023-27860

Podlove Subscribe button Plugin for WordPress cross-site scripting | CVE-2023-25479

IBM DB2 for Linux, UNIX and Windows denial of service | CVE-2023-29255

IBM Safer Payments denial of service | CVE-2020-4729

[QILIN] – Ransomware Victim: villagecoin[.]com

[QILIN] – Ransomware Victim: parsons-peebles[.]com

[QILIN] – Ransomware Victim: capmark[.]org

HackerOne Bug Bounty Disclosure: curl-easy-header-runs-at-o-n-or-worse-and-can-be-abused-to-use-minute-s-of-cpu-time-wolfsage

HackerOne Bug Bounty Disclosure: curl-oj-allows-creating-custom-curlrc-file-which-allows-exfiltrating-private-data-among-other-things-wolfsage

You may have missed