-
CVE-2023-30654
•
published on August 10, 2023
Improper access control vulnerability in SLocationService prior to SMR Aug-2023 Release 1 allows local attacker to update fake location.
-
CVE-2023-30654
•
published on August 10, 2023
Improper access control vulnerability in SLocationService prior to SMR Aug-2023 Release 1 allows local attacker to update fake location.
-
CVE-2023-30654
•
published on August 10, 2023
Improper access control vulnerability in SLocationService prior to SMR Aug-2023 Release 1 allows local attacker to update fake location.
-
CVE-2023-30654
•
published on August 10, 2023
Improper access control vulnerability in SLocationService prior to SMR Aug-2023 Release 1 allows local attacker to update fake location.
-
CVE-2023-30654
•
published on August 10, 2023
Improper access control vulnerability in SLocationService prior to SMR Aug-2023 Release 1 allows local attacker to update fake location.
-
CVE-2023-38333
•
published on August 10, 2023
Zoho ManageEngine Applications Manager through 16530 allows reflected XSS while logged in.
-
CVE-2022-47636
•
published on August 10, 2023
A DLL hijacking vulnerability has been discovered in OutSystems Service Studio 11 11.53.30 build 61739. When a user open a .oml file (OutSystems Modeling Language), the application will load the following DLLs from the same directory av_libGLESv2.dll, libcef.DLL, user32.dll, and d3d10warp.dll. Using a crafted DLL, it is possible to execute arbitrary code in the context of the current logged in user.
-
CVE-2023-36311
•
published on August 10, 2023
There is a SQL injection (SQLi) vulnerability in the "column" parameter of index.php in PHPJabbers Document Creator v1.0.
-
CVE-2023-36314
•
published on August 10, 2023
There is a Cross Site Scripting (XSS) vulnerability in the value-text-o_sms_email_request_message parameters of index.php in PHPJabbers Callback Widget v1.0.
-
CVE-2023-36312
•
published on August 10, 2023
There is a Cross Site Scripting (XSS) vulnerability in the value-enum-o_bf_include_timezone parameter of index.php in PHPJabbers Callback Widget v1.0.
-
CVE-2023-36315
•
published on August 10, 2023
There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0.
-
CVE-2023-36309
•
published on August 10, 2023
There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Document Creator v1.0.
-
CVE-2023-36310
•
published on August 10, 2023
There is a Cross Site Scripting (XSS) vulnerability in the "column" parameter of index.php in PHPJabbers Document Creator v1.0.
-
CVE-2023-36313
•
published on August 10, 2023
PHPJabbers Document Creator v1.0 is vulnerable to Cross Site Scripting (XSS) via all post parameters of "Export Requests" aside from "request_feed".
-
CVE-2023-37069
•
published on August 10, 2023
Code-Projects Online Hospital Management System V1.0 is vulnerable to SQL Injection (SQLI) attacks, which allow an attacker to manipulate the SQL queries executed by the application. The application fails to properly validate user-supplied input in the login id and password fields during the login process, enabling an attacker to inject malicious SQL code.
-
CVE-2023-37543
•
published on August 10, 2023
Cacti before 1.2.6 allows IDOR (Insecure Direct Object Reference) for accessing any graph via a modified local_graph_id parameter to graph_xport.php. This is a different vulnerability than CVE-2019-16723.
-
CVE-2023-37625
•
published on August 10, 2023
A stored cross-site scripting (XSS) vulnerability in Netbox v3.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Link templates.
-
CVE-2023-37734
•
published on August 10, 2023
EZ softmagic MP3 Audio Converter 2.7.3.700 was discovered to contain a buffer overflow.
-
CVE-2023-38333
•
published on August 10, 2023
Zoho ManageEngine Applications Manager through 16530 allows reflected XSS while logged in.
-
CVE-2023-38830
•
published on August 10, 2023
An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients' credit card numbers from the Reservations module.