CVE List - 2023 / April
Showing 601 - 700 of 2302 CVEs for April 2023 (Page 7 of 24)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-1956 | 2023-04-08 | SourceCodester Online Computer and Laptop Store Image path traversal |
| CVE-2023-1957 | 2023-04-08 | SourceCodester Online Computer and Laptop Store Subcategory sql injection |
| CVE-2023-1958 | 2023-04-08 | SourceCodester Online Computer and Laptop Store sql injection |
| CVE-2023-1959 | 2023-04-08 | SourceCodester Online Computer and Laptop Store sql injection |
| CVE-2023-1960 | 2023-04-08 | SourceCodester Online Computer and Laptop Store sql injection |
| CVE-2023-1961 | 2023-04-08 | SourceCodester Online Computer and Laptop Store cross site scripting |
| CVE-2013-10024 | 2023-04-08 | Exit Strategy Plugin exitpage.php information disclosure |
| CVE-2013-10025 | 2023-04-08 | Exit Strategy Plugin exitpage.php exitpageadmin cross-site request forgery |
| CVE-2023-27718 | 2023-04-09 | D-Link DIR878 1.30B08 was discovered to contain a stack overflow... |
| CVE-2023-27719 | 2023-04-09 | D-Link DIR878 1.30B08 was discovered to contain a stack overflow... |
| CVE-2023-27720 | 2023-04-09 | D-Link DIR878 1.30B08 was discovered to contain a stack overflow... |
| CVE-2023-27727 | 2023-04-09 | Nginx NJS v0.7.10 was discovered to contain a segmentation violation... |
| CVE-2023-27728 | 2023-04-09 | Nginx NJS v0.7.10 was discovered to contain a segmentation violation... |
| CVE-2023-27729 | 2023-04-09 | Nginx NJS v0.7.10 was discovered to contain an illegal memcpy... |
| CVE-2023-27730 | 2023-04-09 | Nginx NJS v0.7.10 was discovered to contain a segmentation violation... |
| CVE-2012-10010 | 2023-04-09 | BestWebSoft Contact Form contact_form.php cntctfrm_settings_page cross-site request forgery |
| CVE-2014-125095 | 2023-04-09 | BestWebSoft Contact Form Plugin bws_menu.php bws_add_menu_render cross site scripting |
| CVE-2023-1962 | 2023-04-09 | SourceCodester Best Online News Portal POST Parameter forgot-password.php sql injection |
| CVE-2023-1963 | 2023-04-09 | PHPGurukul Bank Locker Management System Search index.php sql injection |
| CVE-2023-1964 | 2023-04-09 | PHPGurukul Bank Locker Management System Password Reset recovery.php sql injection |
| CVE-2012-10011 | 2023-04-09 | HD FLV PLayer Plugin functions.php hd_update_media sql injection |
| CVE-2009-10004 | 2023-04-09 | Turante Sandbox Theme functions.php sandbox_body_class cross site scripting |
| CVE-2012-10012 | 2023-04-09 | BestWebSoft Facebook Like Button facebook-button-plugin.php fcbk_bttn_plgn_settings_page cross-site request forgery |
| CVE-2023-1916 | 2023-04-10 | A flaw was found in tiffcrop, a program distributed by... |
| CVE-2020-36077 | 2023-04-10 | SQL injection vulnerability found in Tailor Mangement System v.1 allows... |
| CVE-2021-45985 | 2023-04-10 | In Lua 5.4.3, an erroneous finalizer called during a tail... |
| CVE-2022-32871 | 2023-04-10 | A logic issue was addressed with improved restrictions. This issue... |
| CVE-2022-37462 | 2023-04-10 | A stored Cross-Site Scripting (XSS) vulnerability in the Chat gadget... |
| CVE-2022-39048 | 2023-04-10 | Cross-Site Scripting (XSS) vulnerability in ServiceNow UI page assessment_redirect |
| CVE-2022-41976 | 2023-04-10 | An privilege escalation issue was discovered in Scada-LTS 2.7.1.1 build... |
| CVE-2022-42858 | 2023-04-10 | A memory corruption issue was addressed with improved input validation.... |
| CVE-2022-46703 | 2023-04-10 | A logic issue was addressed with improved restrictions. This issue... |
| CVE-2022-46709 | 2023-04-10 | A memory corruption issue was addressed with improved state management.... |
| CVE-2022-46716 | 2023-04-10 | A logic issue was addressed with improved state management. This... |
| CVE-2022-46717 | 2023-04-10 | A logic issue was addressed with improved restrictions. This issue... |
| CVE-2023-1668 | 2023-04-10 | A flaw was found in openvswitch (OVS). When processing an... |
| CVE-2023-24181 | 2023-04-10 | LuCI openwrt-22.03 branch git-22.361.69894-438c598 was discovered to contain a reflected... |
| CVE-2023-24721 | 2023-04-10 | A cross-site scripting (XSS) vulnerability in LiveAction LiveSP v21.1.2 allows... |
| CVE-2023-25392 | 2023-04-10 | Allegro Tech BigFlow <1.6 is vulnerable to Missing SSL Certificate... |
| CVE-2023-26063 | 2023-04-10 | Certain Lexmark devices through 2023-02-19 access a Resource By Using... |
| CVE-2023-26064 | 2023-04-10 | Certain Lexmark devices through 2023-02-19 have an Out-of-bounds Write. |
| CVE-2023-26065 | 2023-04-10 | Certain Lexmark devices through 2023-02-19 have an Integer Overflow. |
| CVE-2023-26066 | 2023-04-10 | Certain Lexmark devices through 2023-02-19 have Improper Validation of an... |
| CVE-2023-26067 | 2023-04-10 | Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 1... |
| CVE-2023-26068 | 2023-04-10 | Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2... |
| CVE-2023-26069 | 2023-04-10 | Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 3... |
| CVE-2023-26070 | 2023-04-10 | Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 4... |
| CVE-2023-26466 | 2023-04-10 | A user with non-Admin access can change a configuration file... |
| CVE-2023-26467 | 2023-04-10 | A man in the middle can redirect traffic to a... |
| CVE-2023-26495 | 2023-04-10 | An issue was discovered in Open Design Alliance Drawings SDK... |
| CVE-2023-26773 | 2023-04-10 | Cross Site Scripting vulnerability found in Sales Tracker Management System... |
| CVE-2023-26774 | 2023-04-10 | An issue found in Sales Tracker Management System v.1.0 allows... |
| CVE-2023-26788 | 2023-04-10 | Veritas Appliance v4.1.0.1 is affected by Host Header Injection attacks.... |
| CVE-2023-26860 | 2023-04-10 | SQL injection vulnerability found in PrestaShop Igbudget v.1.0.3 and before... |
| CVE-2023-26919 | 2023-04-10 | delight-nashorn-sandbox 0.2.4 and 0.2.5 is vulnerable to sandbox escape. When... |
| CVE-2023-26986 | 2023-04-10 | An issue in China Mobile OA Mailbox PC v2.9.23 allows... |
| CVE-2023-27076 | 2023-04-10 | Command injection vulnerability found in Tenda G103 v.1.0.0.5 allows attacker... |
| CVE-2023-27178 | 2023-04-10 | An arbitrary file upload vulnerability in the upload function of... |
| CVE-2023-27650 | 2023-04-10 | An issue found in APUS Group Launcher v.3.10.73 and v.3.10.88... |
| CVE-2023-28093 | 2023-04-10 | A user with a compromised configuration can start an unsigned... |
| CVE-2023-28205 | 2023-04-10 | A use after free issue was addressed with improved memory... |
| CVE-2023-28206 | 2023-04-10 | An out-of-bounds write issue was addressed with improved input validation.... |
| CVE-2023-29375 | 2023-04-10 | An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647,... |
| CVE-2023-29376 | 2023-04-10 | An issue was discovered in Progress Sitefinity 13.3 before 13.3.7647,... |
| CVE-2023-30456 | 2023-04-10 | An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel... |
| CVE-2014-125096 | 2023-04-10 | Fancy Gallery Plugin Options Page class.options.php cross site scripting |
| CVE-2014-125097 | 2023-04-10 | BestWebSoft Facebook Like Button facebook-button-plugin.php fcbkbttn_settings_page cross site scripting |
| CVE-2014-125098 | 2023-04-10 | Dart http_server Directory Listing virtual_directory.dart VirtualDirectory cross site scripting |
| CVE-2023-26120 | 2023-04-10 | This affects all versions of the package com.xuxueli:xxl-job. HTML uploaded... |
| CVE-2023-29215 | 2023-04-10 | Apache Linkis JDBC EngineCon has a deserialization command execution |
| CVE-2023-27602 | 2023-04-10 | Apache Linkis publicsercice module unrestricted upload of file |
| CVE-2023-27603 | 2023-04-10 | Apache Linkis Mangaer module engineConn material upload exists Zip Slip issue |
| CVE-2023-27987 | 2023-04-10 | Apache Linkis gateway module token authentication bypass |
| CVE-2023-29216 | 2023-04-10 | Apache Linkis DatasourceManager module has a deserialization command execution |
| CVE-2015-10099 | 2023-04-10 | CP Appointment Calendar Plugin dex_appointments.php dex_process_ready_to_go_appointment sql injection |
| CVE-2023-0363 | 2023-04-10 | Scheduled Announcements Widget < 1.0 - Contributor+ Stored XSS |
| CVE-2023-1122 | 2023-04-10 | Simple Giveaways < 2.45.1 - Editor+ Stored Cross-Site Scripting |
| CVE-2023-0893 | 2023-04-10 | Time Sheets < 1.29.3 - Admin+ Stored XSS |
| CVE-2023-1406 | 2023-04-10 | JetEngine < 3.1.3.1 - Author+ Remote Code Execution |
| CVE-2023-1426 | 2023-04-10 | WP Tiles <= 1.1.2 - Subscriber+ Draft/Private Post Title Disclosure |
| CVE-2023-1425 | 2023-04-10 | Groundhogg Contacts < 2.7.9.4 - Admin+ SQLi |
| CVE-2023-0605 | 2023-04-10 | Auto Rename Media On Upload < 1.1.0 - Admin+ Stored XSS |
| CVE-2023-0983 | 2023-04-10 | Stylish Cost Calculator Premium < 7.9.0 - Unauthenticated Stored XSS |
| CVE-2023-1478 | 2023-04-10 | Hummingbird < 3.4.2 - Unauthenticated Path Traversal |
| CVE-2023-0156 | 2023-04-10 | All-In-One Security (AIOS) < 5.1.5 - Admin+ Arbitrary File/Folder Access via Traversal |
| CVE-2023-1120 | 2023-04-10 | Simple Giveaways < 2.45.1 - Admin+ Stored XSS |
| CVE-2023-0422 | 2023-04-10 | Article Directory <= 1.3 - Admin+ Stored XSS |
| CVE-2023-0423 | 2023-04-10 | WordPress Amazon S3 Plugin < 1.6 - Reflected XSS |
| CVE-2023-0874 | 2023-04-10 | Klaviyo <= 3.0.10 - Admin+ Stored XSS |
| CVE-2023-1121 | 2023-04-10 | Simple Giveaways < 2.45.1 - Admin+ Stored Cross-Site Scripting |
| CVE-2022-4827 | 2023-04-10 | WP Tiles <= 1.1.2 - Contributor+ Stored XSS |
| CVE-2023-0157 | 2023-04-10 | All-In-One Security (AIOS) < 5.1.5 - Admin+ Stored XSS |
| CVE-2023-0546 | 2023-04-10 | FluentForms < 4.3.25 - Contributor+ Stored XSS via Custom HTML Form Field |
| CVE-2023-1381 | 2023-04-10 | WP Meta SEO < 4.5.5 - Author+ PHAR Deserialization |
| CVE-2023-1969 | 2023-04-10 | SourceCodester Online Eyewear Shop GET Parameter manage_stock.php sql injection |
| CVE-2023-1970 | 2023-04-10 | yuan1994 tpAdmin Upload.php Upload unrestricted upload |
| CVE-2023-1971 | 2023-04-10 | yuan1994 tpAdmin Upload.php remote server-side request forgery |
| CVE-2015-10100 | 2023-04-10 | Dynamic Widgets Plugin dynwid_class.php sql injection |
| CVE-2018-25084 | 2023-04-10 | Ping Identity Self-Service Account Manager SSAMController.java cross site scripting |
| CVE-2023-29005 | 2023-04-10 | No Rate Limiting on Login AUTH DB |