Auto Generated cves.json [Tue Feb 21 08:24:22 UTC 2023] 🤖
parent
d182c738b3
commit
88dd0e77f8
|
@ -1588,3 +1588,4 @@
|
|||
{"ID":"CVE-2023-23489","Info":{"Name":"Easy Digital Downloads 3.1.0.2 \u0026 3.1.0.3 - Unauthenticated SQLi","Severity":"critical","Description":"The Easy Digital Downloads WordPress Plugin, versions 3.1.0.2 \u0026 3.1.0.3, is affected by an unauthenticated SQL injection vulnerability in the 's' parameter of its 'edd_download_search' action.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2023/CVE-2023-23489.yaml"}
|
||||
{"ID":"CVE-2023-23752","Info":{"Name":"Joomla Improper AccessCheck in WebService Endpoint","Severity":"high","Description":"An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2023/CVE-2023-23752.yaml"}
|
||||
{"ID":"CVE-2023-24044","Info":{"Name":"Plesk Obsidian - Host Header Injection","Severity":"medium","Description":"A Host Header Injection issue on the Login page of Plesk Obsidian through 18.0.49 allows attackers to redirect users to malicious websites via a Host request header.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2023/CVE-2023-24044.yaml"}
|
||||
{"ID":"CVE-2023-24322","Info":{"Name":"mojoPortal - Cross-Site Scripting","Severity":"medium","Description":"A reflected cross-site scripting (XSS) vulnerability in the FileDialog.aspx component of mojoPortal v2.7.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ed and tbi parameters.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2023/CVE-2023-24322.yaml"}
|
||||
|
|
Loading…
Reference in New Issue