Lista CVE 2023/3xxx

CVE nel gruppo: 3xxx

CVE-2023-3042 (Clicca per dettagli)

CVE-2023-3043 (CNA SHORTNAME: dotCMSORG UUID: 5b9d93f2-25c7-46b4-ab60-d201718c9dd8)

CVE-2023-3044 (Stack-based Buffer Overflow BMC)

CVE-2023-3045 (Divide-by-zero in Xpdf 4.04 due to very large page size)

CVE-2023-3046 (SQLi in Tise Technology’s Parking Web Report)

CVE-2023-3047 (SQLi in Biltay Technlogys Scienta)

CVE-2023-3048 (SQLi in TMT’s Lockcell)

CVE-2023-3049 (IDOR in TMT’s Lockcell)

CVE-2023-3050 (File Upload in TMT’s Lockcell)

CVE-2023-3051 (Authentication Bypass in TMT’s Lockcell)

CVE-2023-3052 (Clicca per dettagli)

CVE-2023-3053 (Clicca per dettagli)

CVE-2023-3055 (Clicca per dettagli)

CVE-2023-3056 (Clicca per dettagli)

CVE-2023-3057 (YFCMF index.php path traversal)

CVE-2023-3058 (YFCMF Ajax.php path traversal)

CVE-2023-3059 (07FLY CRM User Profile cross site scripting)

CVE-2023-3060 (SourceCodester Online Exam Form Submission update_s6.php sql injection)

CVE-2023-3061 (code-projects Agro-School Management System btn_functions.php doAddQuestion cross site scripting)

CVE-2023-3062 (code-projects Agro-School Management System Attachment Image btn_functions.php unrestricted upload)

CVE-2023-3063 (code-projects Agro-School Management System index.php sql injection)

CVE-2023-3064 (Clicca per dettagli)

CVE-2023-3065 (Mobatime mobile application – Sensitive information disclosure)

CVE-2023-3066 (Mobatime mobile application – Authentication bypass)

CVE-2023-3067 (Mobatime mobile application – Broken authorisation)

CVE-2023-3068 (Cross-site Scripting (XSS) – Stored in zadam/trilium)

CVE-2023-3069 (Campcodes Retro Cellphone Online Store modal_add_product.php sql injection)

CVE-2023-3070 (Unverified Password Change in tsolucio/corebos)

CVE-2023-3071 (Cross-site Scripting (XSS) – Stored in tsolucio/corebos)

CVE-2023-3072 (Cross-site Scripting (XSS) – Stored in tsolucio/corebos)

CVE-2023-3073 (Nomad ACL Policies without Label are Applied to Unexpected Resources)

CVE-2023-3074 (Cross-site Scripting (XSS) – Stored in tsolucio/corebos)

CVE-2023-3075 (Cross-site Scripting (XSS) – Stored in tsolucio/corebos)

CVE-2023-3076 (Cross-Site Request Forgery (CSRF) in tsolucio/corebos)

CVE-2023-3077 (MStore API < 3.9.9 - Unauthenticated Privilege Escalation)

CVE-2023-3078 (MStore API < 3.9.8 - Unauthenticated Blind SQLi)

CVE-2023-3079 (Clicca per dettagli)

CVE-2023-3080 (Clicca per dettagli)

CVE-2023-3081 (Clicca per dettagli)

CVE-2023-3082 (Clicca per dettagli)

CVE-2023-3083 (Clicca per dettagli)

CVE-2023-3084 (Cross-site Scripting (XSS) – Stored in nilsteampassnet/teampass)

CVE-2023-3085 (Cross-site Scripting (XSS) – Stored in nilsteampassnet/teampass)

CVE-2023-3086 (X-WRT luci 404 Error Template dispatcher.uc run_action cross site scripting)

CVE-2023-3087 (Cross-site Scripting (XSS) – Stored in nilsteampassnet/teampass)

CVE-2023-3088 (Clicca per dettagli)

CVE-2023-3089 (Clicca per dettagli)

CVE-2023-3090 (Ocp & fips mode)

CVE-2023-3091 (Out-of-bounds write in Linux kernel’s ipvlan network driver)

CVE-2023-3092 (Captura CRYPTBASE.dll uncontrolled search path)

CVE-2023-3093 (Clicca per dettagli)

CVE-2023-3094 (Clicca per dettagli)

CVE-2023-3095 (code-projects Agro-School Management System btn_functions.php doUpdateQuestion sql injection)

CVE-2023-3096 (Improper Access Control in nilsteampassnet/teampass)

CVE-2023-3097 (KylinSoft kylin-software-properties changedSource access control)

CVE-2023-3098 (KylinSoft kylin-software-properties setMainSource os command injection)

CVE-2023-3099 (KylinSoft youker-assistant restore_all_sound_file path traversal)

CVE-2023-3100 (KylinSoft youker-assistant Arbitrary File dbus.SystemBus delete_file access control)

CVE-2023-3102 (IBOS del actionDel sql injection)

CVE-2023-3103 (Insertion of Sensitive Information Into Sent Data in GitLab)