Shan

I am a Technical Architect who dabbles with different languages and technologies

CVE-2023-42261

Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. This CVE has a CVSS3.1 score of 7.5 and a Base Severity of HIGH. Info…

CVE-2023-39575

A reflected cross-site scripting (XSS) vulnerability in the url_str URL parameter of ISL ARP Guard v4.0.2 allows attackers to execute arbitrary web scripts or HTML…

CVE-2023-36319

File Upload vulnerability in Openupload Stable v.0.4.3 allows a remote attacker to execute arbitrary code via the action parameter of the compress-inc.php file. This CVE has…

CVE-2020-24089

An issue was discovered in ImfHpRegFilter.sys in IOBit Malware Fighter version 8.0.2 that allows local attackers to cause a denial of service (DoS). Info Details CVE…

CVE-2023-40788

SpringBlade <=V3.6.0 is vulnerable to Incorrect Access Control due to incorrect configuration in the default gateway resulting in unauthorized access to error logs. This CVE has…

CVE-2021-26837

SQL Injection vulnerability in SearchTextBox parameter in Fortra (Formerly HelpSystems) DeliverNow before version 1.2.18, allows attackers to execute arbitrary code, escalate privileges, and gain sensitive…

CVE-2023-41436

Cross Site Scripting vulnerability in CSZCMS v.1.3.0 allows a local attacker to execute arbitrary code via a crafted script to the Additional Meta Tag parameter…

CVE-2023-36160

An issue was discovered in Qubo Smart Plug10A version HSP02_01_01_14_SYSTEM-10 A that allows local attackers to gain sensitive information and other unspecified impact via UART console. This…

CVE-2023-40958

A SQL injection vulnerability in Didotech srl Engineering & Lifecycle Management (aka pdm) v.14.0, v.15.0 and v.16.0 fixed in pdm-14.0.1.0.0, pdm-15.0.1.0.0, and pdm-16.0.1.0.0 allows a…

CVE-2023-40957

A SQL injection vulnerability in Didotech srl Engineering & Lifecycle Management (aka pdm) v.14.0, v.15.0 and v.16.0 fixed in pdm-14.0.1.0.0, pdm-15.0.1.0.0, and pdm-16.0.1.0.0 allows a…

CVE-2023-40956

A SQL injection vulnerability in Cloudroits Website Job Search v.15.0 allows a remote authenticated attacker to execute arbitrary code via the name parameter in controllers/main.py…

CVE-2023-40955

A SQL injection vulnerability in Didotech srl Engineering & Lifecycle Management (aka pdm) v.14.0, v.15.0 and v.16.0 fixed in pdm-14.0.1.0.0, pdm-15.0.1.0.0, and pdm-16.0.1.0.0 allows a…

CVE-2023-39642

Carts Guru cartsguru up to v2.4.2 was discovered to contain a SQL injection vulnerability via the component CartsGuruCatalogModuleFrontController::display(). This CVE has a CVSS3.1 score of 5.5…