Lista CVE 2023/1xxx

CVE nel gruppo: 1xxx

CVE-2023-1041 (N/A)

CVE-2023-1042 (SourceCodester Simple Responsive Tourism Website rate_review.php cross site scripting)

CVE-2023-1043 (SourceCodester Online Pet Shop We App update_status.php cross site scripting)

CVE-2023-1044 (MuYuCMS index.php path traversal)

CVE-2023-1045 (MuYuCMS index.php path traversal)

CVE-2023-1046 (MuYuCMS filesdel.html path traversal)

CVE-2023-1047 (MuYuCMS getFile.html server-side request forgery)

CVE-2023-1048 (TechPowerUp RealTemp WinRing0x64.sys initialization)

CVE-2023-1049 (TechPowerUp Ryzen DRAM Calculator WinRing0x64.sys initialization)

CVE-2023-1050 (N/A)

CVE-2023-1051 (SQLi in As Koc Web Report System)

CVE-2023-1053 (XSS in As Koc Web Report System)

CVE-2023-1054 (SourceCodester Music Gallery Site view_category.php sql injection)

CVE-2023-1055 (SourceCodester Music Gallery Site sql injection)

CVE-2023-1056 (N/A)

CVE-2023-1057 (SourceCodester Doctors Appointment System patient.php sql injection)

CVE-2023-1058 (SourceCodester Doctors Appointment System login.php edoc sql injection)

CVE-2023-1059 (SourceCodester Doctors Appointment System create-account.php sql injection)

CVE-2023-1060 (SourceCodester Doctors Appointment System Parameter doctors.php sql injection)

CVE-2023-1061 (XSS in YKM CRM)

CVE-2023-1062 (SourceCodester Doctors Appointment System edit-doc.php sql injection)

CVE-2023-1063 (SourceCodester Doctors Appointment System Parameter add-new.php sql injection)

CVE-2023-1064 (SourceCodester Doctors Appointment System Parameter patient.php sql injection)

CVE-2023-1065 (SQLi in Uzay Baskul’s Weighbridge Automation Software)

CVE-2023-1067 (N/A)

CVE-2023-1068 (Cross-site Scripting (XSS) – Stored in pimcore/pimcore)

CVE-2023-1069 (N/A)

CVE-2023-1070 (Complianz – GDPR/CCPA Cookie Consent < 6.4.2 - Contributor+ Stored XSS)

CVE-2023-1071 (External Control of File Name or Path in nilsteampassnet/teampass)

CVE-2023-1072 (N/A)

CVE-2023-1073 (N/A)

CVE-2023-1074 (N/A)

CVE-2023-1075 (N/A)

CVE-2023-1076 (N/A)

CVE-2023-1077 (N/A)

CVE-2023-1078 (N/A)

CVE-2023-1079 (N/A)

CVE-2023-1080 (N/A)

CVE-2023-1081 (N/A)

CVE-2023-1082 (Cross-site Scripting (XSS) – Stored in microweber/microweber)

CVE-2023-1083 (Welotec: Command injection vulnerability in TK500v1 router series)

CVE-2023-1084 (Welotec: improper access control in TK500v1 router series)

CVE-2023-1086 (N/A)

CVE-2023-1087 (Preview Link Generator < 1.0.4 - Arbitrary Plugin Activation via CSRF)

CVE-2023-1088 (WC Sales Notification < 1.2.3 - Arbitrary Plugin Activation via CSRF)

CVE-2023-1089 (WP Plugin Manager < 1.1.8 - Arbitrary Plugin Activation via CSRF)

CVE-2023-1090 (Coupon Zen < 1.0.6 - Arbitrary Plugin Activation via CSRF)

CVE-2023-1091 (WP SMTP Mailing Queue < 2.0.1 - Admin+ Stored XSS)

CVE-2023-1092 (SQL Injection found in ALPATA’s Licensed Warehousing Automation System)

CVE-2023-1093 (OAuth Single Sign On – SSO (OAuth Client) – IdP Deletion via CSRF)

CVE-2023-1094 (OAuth Single Sign On – SSO (OAuth Client) < 6.24.2 - IdP Discard via CSRF)

CVE-2023-1095 (N/A)

CVE-2023-1096 (N/A)

CVE-2023-1097 (N/A)

CVE-2023-1098 (Unauthenticated Command Injection EG7035-M11 Series)

CVE-2023-1099 (N/A)

CVE-2023-1100 (SourceCodester Online Student Management System edit-class-detail.php sql injection)

CVE-2023-1101 (SourceCodester Online Catering Reservation System POST Parameter add_message.php sql injection)

CVE-2023-1103 (N/A)

CVE-2023-1104 (N/A)