CVE List - 2023 / September
Showing 1801 - 1900 of 2148 CVEs for September 2023 (Page 19 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-41449 | 2023-09-27 | An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker... |
| CVE-2023-41451 | 2023-09-27 | Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a... |
| CVE-2023-41452 | 2023-09-27 | Cross Site Request Forgery vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows... |
| CVE-2023-41453 | 2023-09-27 | Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a... |
| CVE-2023-43191 | 2023-09-27 | SpringbootCMS 1.0 foreground message can be embedded malicious code saved... |
| CVE-2023-43192 | 2023-09-27 | SQL injection can exist in a newly created part of... |
| CVE-2023-43233 | 2023-09-27 | A stored cross-site scripting (XSS) vulnerability in the cms/content/edit component... |
| CVE-2023-43314 | 2023-09-27 | ** UNSUPPORTED WHEN ASSIGNED **The buffer overflow vulnerability in the... |
| CVE-2023-43320 | 2023-09-27 | An issue in Proxmox Server Solutions GmbH Proxmox VE v.5.4... |
| CVE-2023-43828 | 2023-09-27 | A Cross-site scripting (XSS) vulnerability in /panel/languages/ of Subrion v4.2.1... |
| CVE-2023-43830 | 2023-09-27 | A Cross-site scripting (XSS) vulnerability in /panel/configuration/financial/ of Subrion v4.2.1... |
| CVE-2023-44013 | 2023-09-27 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack... |
| CVE-2023-44014 | 2023-09-27 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain multiple stack... |
| CVE-2023-44015 | 2023-09-27 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack... |
| CVE-2023-44016 | 2023-09-27 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack... |
| CVE-2023-44017 | 2023-09-27 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack... |
| CVE-2023-44018 | 2023-09-27 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack... |
| CVE-2023-44019 | 2023-09-27 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack... |
| CVE-2023-44020 | 2023-09-27 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack... |
| CVE-2023-44021 | 2023-09-27 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack... |
| CVE-2023-44022 | 2023-09-27 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack... |
| CVE-2023-44023 | 2023-09-27 | Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack... |
| CVE-2023-44047 | 2023-09-27 | Sourcecodester Toll Tax Management System v1 is vulnerable to SQL... |
| CVE-2023-44048 | 2023-09-27 | Sourcecodester Expense Tracker App v1 is vulnerable to Cross Site... |
| CVE-2023-44080 | 2023-09-27 | An issue in PGYER codefever v.2023.8.14-2ce4006 allows a remote attacker... |
| CVE-2023-4423 | 2023-09-27 | The WP Event Manager – Events Calendar, Registrations, Sell Tickets... |
| CVE-2023-28490 | 2023-09-27 | WordPress Mortgage Calculator Estatik Plugin <= 2.0.7 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-28790 | 2023-09-27 | WordPress Simple Staff List Plugin <= 2.2.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-40604 | 2023-09-27 | WordPress Cookies by JM Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-27617 | 2023-09-27 | WordPress RSVPMarker Plugin <= 10.6.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-27616 | 2023-09-27 | WordPress RSVPMarker Plugin <= 10.6.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-40605 | 2023-09-27 | WordPress Typing Effect Plugin <= 1.3.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-40330 | 2023-09-27 | WordPress GD Security Headers Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-40663 | 2023-09-27 | WordPress WP VR Plugin <= 8.3.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-40664 | 2023-09-27 | WordPress Donations Made Easy – Smart Donations Plugin <= 4.0.12 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-40665 | 2023-09-27 | WordPress Save as Image plugin by Pdfcrowd Plugin <= 2.16.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-40668 | 2023-09-27 | WordPress Save as PDF plugin by Pdfcrowd Plugin <= 2.16.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-40667 | 2023-09-27 | WordPress Simple URLs Plugin <= 117 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-40676 | 2023-09-27 | WordPress Slimstat Analytics Plugin <= 5.0.8 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-40669 | 2023-09-27 | WordPress Collapse-O-Matic Plugin <= 1.8.5.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-43825 | 2023-09-27 | Relative path traversal vulnerability in Shihonkanri Plus Ver9.0.3 and earlier... |
| CVE-2023-40675 | 2023-09-27 | WordPress Landing Page Builder Plugin <= 1.5.1.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-40677 | 2023-09-27 | WordPress Vertical Marquee Plugin Plugin <= 7.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-4934 | 2023-09-27 | IDOR in Usta AYBS |
| CVE-2023-25483 | 2023-09-27 | WordPress Easy Coming Soon Plugin <= 2.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-27628 | 2023-09-27 | WordPress Sitekit Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-27622 | 2023-09-27 | WordPress GuruWalk Affiliates Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-4737 | 2023-09-27 | SQLi in Hedef Trackings Admin Panel |
| CVE-2023-30471 | 2023-09-27 | WordPress WP Search Analytics Plugin <= 1.4.7 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-35071 | 2023-09-27 | SQLi in MRV Tech's Logging Administration Panel |
| CVE-2023-44121 | 2023-09-27 | LG ThinQ Service - Intent redirection with system privilege/LaunchAnyWhere |
| CVE-2023-30472 | 2023-09-27 | WordPress URL Shortener by MyThemeShop Plugin <= 1.0.17 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-30493 | 2023-09-27 | WordPress Ultimate Addons for Contact Form 7 Plugin <= 3.2.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-40333 | 2023-09-27 | WordPress Bridge Core Plugin <= 3.0.9 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-41235 | 2023-09-27 | WordPress Everest News Pro Theme <= 1.1.7 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-41236 | 2023-09-27 | WordPress Happy Elementor Addons Pro Plugin <= 2.8.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-41237 | 2023-09-27 | WordPress Arya Multipurpose Pro Theme <= 1.0.8 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-41238 | 2023-09-27 | WordPress Social Media & Share Icons Plugin <= 2.8.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-44152 | 2023-09-27 | Sensitive information disclosure and manipulation due to improper authentication. The... |
| CVE-2023-44153 | 2023-09-27 | Sensitive information disclosure due to cleartext storage of sensitive information... |
| CVE-2023-44154 | 2023-09-27 | Sensitive information disclosure and manipulation due to improper authorization. The... |
| CVE-2023-44155 | 2023-09-27 | Sensitive information leak through log files. The following products are... |
| CVE-2023-44157 | 2023-09-27 | Local privilege escalation due to insecure folder permissions. The following... |
| CVE-2023-44158 | 2023-09-27 | Sensitive information disclosure due to insufficient token field masking. The... |
| CVE-2023-44160 | 2023-09-27 | Sensitive information manipulation due to cross-site request forgery. The following... |
| CVE-2023-44161 | 2023-09-27 | Sensitive information manipulation due to cross-site request forgery. The following... |
| CVE-2023-44205 | 2023-09-27 | Sensitive information disclosure due to improper authorization. The following products... |
| CVE-2023-44156 | 2023-09-27 | Sensitive information disclosure due to spell-jacking. The following products are... |
| CVE-2023-44159 | 2023-09-27 | Sensitive information disclosure due to cleartext storage of sensitive information.... |
| CVE-2023-44206 | 2023-09-27 | Sensitive information disclosure and manipulation due to improper authorization. The... |
| CVE-2023-44207 | 2023-09-27 | Stored cross-site scripting (XSS) vulnerability in protection plan name. The... |
| CVE-2023-4003 | 2023-09-27 | One Identity Password Manager version 5.9.7.1 - Unauthenticated physical access privilege escalation |
| CVE-2023-42486 | 2023-09-27 | Fortect - CWE-428: Unquoted Search Path or Element |
| CVE-2023-42487 | 2023-09-27 | Soundminer – CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') |
| CVE-2023-41241 | 2023-09-27 | WordPress SureCart Plugin <= 2.5.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-41242 | 2023-09-27 | WordPress Snap Pixel Plugin <= 1.5.7 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-41653 | 2023-09-27 | WordPress Sermon'e – Sermons Online Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-5221 | 2023-09-27 | ForU CMS index.php code injection |
| CVE-2023-5222 | 2023-09-27 | Viessmann Vitogate 300 Web Management Interface vitogate.cgi isValidUser hard-coded password |
| CVE-2023-0456 | 2023-09-27 | Apicast proxies the api call with incorrect jwt token to the api backend without proper authorization check |
| CVE-2023-0833 | 2023-09-27 | Red hat a-mq streams: component version with information disclosure flaw |
| CVE-2023-44122 | 2023-09-27 | LockScreenSettings - Theft arbitrary files with system privilege |
| CVE-2023-44123 | 2023-09-27 | Bluetooth - Theft and (over-)write of arbitrary files with system privilege via PendingIntent hijacking |
| CVE-2023-3223 | 2023-09-27 | Undertow: outofmemoryerror due to @multipartconfig handling |
| CVE-2023-44124 | 2023-09-27 | Screen recording - Theft of arbitrary files with system privilege |
| CVE-2023-44125 | 2023-09-27 | Personalized service - Theft and (over-)write of arbitrary files with system privilege via PendingIntent hijacking |
| CVE-2023-5223 | 2023-09-27 | HimitZH HOJ Topic sandbox |
| CVE-2023-44126 | 2023-09-27 | Call management - Implicit intents disclose telephony data such as phone numbers, call states, contacts |
| CVE-2023-44127 | 2023-09-27 | Call management - Implicit activity intents disclose contact details and phone numbers |
| CVE-2023-44128 | 2023-09-27 | LGInstallService - Deletion of arbitrary files with system privilege |
| CVE-2023-44129 | 2023-09-27 | Messaging - Gaining access to arbitrary content providers via QClipIntentReceiverActivity |
| CVE-2023-5168 | 2023-09-27 | A compromised content process could have provided malicious data to... |
| CVE-2023-5169 | 2023-09-27 | A compromised content process could have provided malicious data in... |
| CVE-2023-5171 | 2023-09-27 | During Ion compilation, a Garbage Collection could have resulted in... |
| CVE-2023-5174 | 2023-09-27 | If Windows failed to duplicate a handle during process creation,... |
| CVE-2023-5176 | 2023-09-27 | Memory safety bugs present in Firefox 117, Firefox ESR 115.2,... |
| CVE-2023-5170 | 2023-09-27 | In canvas rendering, a compromised content process could have caused... |
| CVE-2023-5172 | 2023-09-27 | A hashtable in the Ion Engine could have been mutated... |
| CVE-2023-5173 | 2023-09-27 | In a non-standard configuration of Firefox, an integer overflow could... |
| CVE-2023-5175 | 2023-09-27 | During process shutdown, it was possible that an `ImageBitmap` was... |