CVE List - 2023 / February
Showing 901 - 1000 of 2164 CVEs for February 2023 (Page 10 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-24188 | 2023-02-13 | ureport v2.2.9 was discovered to contain a directory traversal vulnerability... |
| CVE-2023-24619 | 2023-02-13 | Redpanda before 22.3.12 discloses cleartext AWS credentials. The import functionality... |
| CVE-2023-24646 | 2023-02-13 | An arbitrary file upload vulnerability in the component /fos/admin/ajax.php of... |
| CVE-2023-24647 | 2023-02-13 | Food Ordering System v2.0 was discovered to contain a SQL... |
| CVE-2023-24648 | 2023-02-13 | Zstore v6.6.0 was discovered to contain a cross-site scripting (XSS)... |
| CVE-2023-25240 | 2023-02-13 | An improper SameSite Attribute vulnerability in pimCore v10.5.15 allows attackers... |
| CVE-2023-25241 | 2023-02-13 | bgERP v22.31 was discovered to contain a reflected cross-site scripting... |
| CVE-2023-25717 | 2023-02-13 | Ruckus Wireless Admin through 10.4 allows Remote Code Execution via... |
| CVE-2023-25719 | 2023-02-13 | ConnectWise Control before 22.9.10032 (formerly known as ScreenConnect) fails to... |
| CVE-2023-25727 | 2023-02-13 | In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated... |
| CVE-2022-25937 | 2023-02-13 | Versions of the package glance before 3.0.9 are vulnerable to... |
| CVE-2023-24572 | 2023-02-13 | Dell Command | Integration Suite for System Center, versions before... |
| CVE-2023-23697 | 2023-02-13 | Dell Command | Intel vPro Out of Band, versions before... |
| CVE-2022-34397 | 2023-02-13 | Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution... |
| CVE-2022-45454 | 2023-02-13 | Sensitive information disclosure due to insecure folder permissions. The following... |
| CVE-2022-45455 | 2023-02-13 | Local privilege escalation due to incomplete uninstallation cleanup. The following... |
| CVE-2023-0808 | 2023-02-13 | Deye/Revolt/Bosswerk Inverter Access Point Setting hard-coded password |
| CVE-2022-4473 | 2023-02-13 | Widget Shortcode <= 0.3.5 - Contributor+ Stored XSS |
| CVE-2023-0379 | 2023-02-13 | Spotlight Social Feeds < 1.4.3 - Contributor+ Stored XSS |
| CVE-2022-4783 | 2023-02-13 | Youtube Channel Gallery <= 2.4 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4445 | 2023-02-13 | FL3R FeelBox <= 8.1 - Unauthenticated SQLi |
| CVE-2023-0362 | 2023-02-13 | Themify Portfolio Post < 1.2.2 - Contributor+ Stored XSS |
| CVE-2023-0270 | 2023-02-13 | YaMaps for WordPress Plugin < 0.6.26 - Contributor+ Stored XSS |
| CVE-2023-0159 | 2023-02-13 | Extensive VC Addons for WPBakery page builder < 1.9.1 - Unauthenticated RCE |
| CVE-2022-4628 | 2023-02-13 | Easy PayPal Buy Now Button < 1.7.4 - Contributor+ Stored XSS in Shortcode |
| CVE-2022-4448 | 2023-02-13 | GiveWP < 2.24.0 - Contributor+ Stored XSS |
| CVE-2023-0099 | 2023-02-13 | Simple URLs < 115 - Multiple Reflected XSS |
| CVE-2023-0060 | 2023-02-13 | Responsive Gallery Grid < 2.3.9 - Contributor+ Stored XSS |
| CVE-2022-4678 | 2023-02-13 | TemplatesNext ToolKit < 3.2.8 - Contributor+ Stored XSS via Shortcode |
| CVE-2023-0220 | 2023-02-13 | Pinpoint Booking System < 2.9.9.2.9 - Subscriber+ SQLi |
| CVE-2022-4551 | 2023-02-13 | Rich Table of Contents < 1.3.9 - Contributor+ Stored XSS |
| CVE-2023-0373 | 2023-02-13 | Lightweight Accordion < 1.5.15 - Contributor+ Stored XSS |
| CVE-2023-0261 | 2023-02-13 | WP TripAdvisor Review Slider < 10.8 - Subscriber+ SQLi |
| CVE-2022-4458 | 2023-02-13 | Amr Shortcode Any Widget <= 4.0 - Contributor+ Stored XSS |
| CVE-2023-0169 | 2023-02-13 | Zoho Forms < 3.0.1 - Contributor+ Stored XSS |
| CVE-2023-0260 | 2023-02-13 | WP Review Slider < 12.2 - Subscriber+ SQLi |
| CVE-2022-4546 | 2023-02-13 | Mapwiz <= 1.0.1 - Admin+ SQLi |
| CVE-2023-0333 | 2023-02-13 | TemplatesNext ToolKit < 3.2.9 - Contributor+ Stored XSS |
| CVE-2023-0061 | 2023-02-13 | Judge.me Product Reviews for WooCommerce < 1.3.21 - Contributor+ Stored XSS |
| CVE-2023-0098 | 2023-02-13 | Simple URLs < 115 - Subscriber+ SQLi |
| CVE-2022-4512 | 2023-02-13 | Better Font Awesome < 2.0.4 - Contributor+ Stored XSS |
| CVE-2023-0263 | 2023-02-13 | WP Yelp Review Slider < 7.1 - Subscriber+ SQLi |
| CVE-2023-0275 | 2023-02-13 | Easy Accept Payments for PayPal < 4.9.10 - Contributor+ Stored XSS |
| CVE-2022-4656 | 2023-02-13 | WP Visitor Statistics (Real Time Traffic) < 6.5 - Contributor+ Stored XSS via Shortcode |
| CVE-2023-0259 | 2023-02-13 | WP Google Review Slider < 11.8 - Subscriber+ SQLi |
| CVE-2023-0166 | 2023-02-13 | PickPlugins Product Slider for WooCommerce < 1.13.42 - Contributor+ Stored XSS |
| CVE-2023-0255 | 2023-02-13 | Enable Media Replace < 4.0.2 - Author+ Arbitrary File Upload |
| CVE-2023-0080 | 2023-02-13 | Customer Reviews for WooCommerce < 5.16.0 - Contributor+ LFI |
| CVE-2023-0151 | 2023-02-13 | uTubeVideo Gallery < 2.0.8 - Contributor+ Stored XSS |
| CVE-2023-0405 | 2023-02-13 | GPT3 AI Content Writer < 1.4.38 - Subscriber+ Arbitrary Post Content Update |
| CVE-2023-0075 | 2023-02-13 | Amazon JS <= 0.10 - Contributor+ Stored XSS |
| CVE-2023-0034 | 2023-02-13 | JetWidgets For Elementor < 1.0.14 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4745 | 2023-02-13 | WP Customer Area < 8.1.4 - Unauthorised Actions via CSRF |
| CVE-2022-3891 | 2023-02-13 | WP FullCalendar < 1.5 - Unauthenticated Arbitrary Post Access |
| CVE-2022-4682 | 2023-02-13 | Lightbox Gallery < 0.9.5 - Contributor+ Stored XSS via Shortcode |
| CVE-2023-0262 | 2023-02-13 | WP Airbnb Review Slider < 3.3 - Subscriber+ SQLi |
| CVE-2022-4488 | 2023-02-13 | Widgets on Pages < 1.8.0 - Contributor+ Stored XSS |
| CVE-2022-4471 | 2023-02-13 | YARPP - Yet Another Related Posts Plugin < 5.30.3 - Contributor+ Stored XSS |
| CVE-2022-4830 | 2023-02-13 | Paid Memberships Pro < 2.9.9 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4580 | 2023-02-13 | Twenty20 Image Before-After <= 1.5.9 - Contributor+ Stored XSS |
| CVE-2023-0177 | 2023-02-13 | Social Like Box and Page by WpDevArt < 0.8.41 - Contributor+ Stored XSS |
| CVE-2023-0360 | 2023-02-13 | Location Weather < 1.3.4 - Contributor+ Stored XSS |
| CVE-2022-4562 | 2023-02-13 | Meks Flexible Shortcodes < 1.3.5 - Contributor+ Stored XSS |
| CVE-2022-4759 | 2023-02-13 | GigPress < 2.3.28 - Contributor+ Stored XSS via Shortcode |
| CVE-2023-24804 | 2023-02-13 | ownCloud Android app vulnerable to Path Traversal |
| CVE-2022-3089 | 2023-02-13 | EnOcean SmartServer Hard-coded credentials |
| CVE-2023-23948 | 2023-02-13 | ownCloud Android app vulnerable to SQL Injection |
| CVE-2023-25159 | 2023-02-13 | Nextcloud Server previews are accessible without a watermark |
| CVE-2022-41134 | 2023-02-13 | WordPress Optinly Plugin <= 1.0.15 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-23551 | 2023-02-13 | X-600M Code Injection |
| CVE-2023-23553 | 2023-02-13 | X-400 Cross-Site Scripting |
| CVE-2023-25160 | 2023-02-13 | IDOR Vulnerability in Nextcloud Mail |
| CVE-2023-25161 | 2023-02-13 | Nextcloud Server's missing rate limiting on password reset functionality allows sending lots of emails |
| CVE-2023-25162 | 2023-02-13 | Nextcloud Server vulnerable to SSRF via filter bypass due to lax checking on IPs |
| CVE-2023-25572 | 2023-02-13 | React-Admin vulnerable to Cross-Site-Scripting attack on `<RichTextField>` |
| CVE-2022-4905 | 2023-02-13 | UDX Stateless Media Plugin class-settings.php setup_wizard_interface cross site scripting |
| CVE-2015-10079 | 2023-02-13 | juju2143 WalrusIRC parser.js parseLinks cross site scripting |
| CVE-2023-22370 | 2023-02-14 | Stored cross-site scripting vulnerability in Wired/Wireless LAN Pan/Tilt Network Camera... |
| CVE-2021-46023 | 2023-02-14 | An Untrusted Pointer Dereference was discovered in function mrb_vm_exec in... |
| CVE-2022-29557 | 2023-02-14 | LexisNexis Firco Compliance Link 3.7 allows CSRF. |
| CVE-2022-41564 | 2023-02-14 | TIBCO Operational Intelligence Hawk Redtail Credential Exposure Vulnerability |
| CVE-2023-0655 | 2023-02-14 | SonicWall Email Security contains a vulnerability that could permit a... |
| CVE-2023-0827 | 2023-02-14 | Cross-site Scripting (XSS) - Stored in pimcore/pimcore |
| CVE-2023-22375 | 2023-02-14 | Cross-site request forgery (CSRF) vulnerability in Wired/Wireless LAN Pan/Tilt Network... |
| CVE-2023-22376 | 2023-02-14 | Reflected cross-site scripting vulnerability in Wired/Wireless LAN Pan/Tilt Network Camera... |
| CVE-2023-22629 | 2023-02-14 | An issue was discovered in TitanFTP through 1.94.1205. The move-file... |
| CVE-2023-24159 | 2023-02-14 | TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection... |
| CVE-2023-24160 | 2023-02-14 | TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection... |
| CVE-2023-24161 | 2023-02-14 | TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection... |
| CVE-2023-24187 | 2023-02-14 | An XML External Entity (XXE) vulnerability in ureport v2.2.9 allows... |
| CVE-2023-25725 | 2023-02-14 | HAProxy before 2.7.3 may allow a bypass of access control... |
| CVE-2023-25758 | 2023-02-14 | Onekey Touch devices through 4.0.0 and Onekey Mini devices through... |
| CVE-2023-0814 | 2023-02-14 | The Profile Builder – User Profile & User Registration Forms... |
| CVE-2023-0019 | 2023-02-14 | In SAP GRC (Process Control) - versions GRCFND_A V1200, GRCFND_A... |
| CVE-2023-0020 | 2023-02-14 | SAP BusinessObjects Business Intelligence platform - versions 420, 430, allows... |
| CVE-2023-0024 | 2023-02-14 | SAP Solution Manager (BSP Application) - version 720, allows an... |
| CVE-2023-0025 | 2023-02-14 | SAP Solution Manager (BSP Application) - version 720, allows an... |
| CVE-2023-23851 | 2023-02-14 | SAP Business Planning and Consolidation - versions 200, 300, allows... |
| CVE-2023-23852 | 2023-02-14 | SAP Solution Manager (System Monitoring) - version 720, does not... |
| CVE-2023-23853 | 2023-02-14 | An unauthenticated attacker in AP NetWeaver Application Server for ABAP... |