nagenanhai/cve

Releases0

Stars5

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-4172 ↗	Aug 5, 2023Saturday, 5 August 2023, 23:15	4.3 MEDIUM	4 MEDIUM
A vulnerability, which was classified as problematic, has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This issue affects some unknown processing of the file \Service\FileHandler.ashx. The manipulation of the argument FileDirectory leads to absolute path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-236207.
CVE-2023-4171 ↗	Aug 5, 2023Saturday, 5 August 2023, 21:15	4.3 MEDIUM	4 MEDIUM
A vulnerability classified as problematic was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This vulnerability affects unknown code of the file \Service\FileDownload.ashx. The manipulation of the argument Files leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-236206 is the identifier assigned to this vulnerability.
CVE-2023-4165 ↗	Aug 5, 2023Saturday, 5 August 2023, 14:15	5.5 MEDIUM	5.2 MEDIUM
A vulnerability, which was classified as critical, was found in Tongda OA. This affects an unknown part of the file general/system/seal_manage/iweboffice/delete_seal.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-236181 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-3873 ↗	Jul 25, 2023Tuesday, 25 July 2023, 00:15	7.3 HIGH	7.5 HIGH
A vulnerability, which was classified as critical, has been found in Campcodes Beauty Salon Management System 1.0. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235235.
CVE-2023-3871 ↗	Jul 24, 2023Monday, 24 July 2023, 22:15	6.3 MEDIUM	6.5 MEDIUM
A vulnerability classified as critical has been found in Campcodes Beauty Salon Management System 1.0. This affects an unknown part of the file /admin/edit_category.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-235233 was assigned to this vulnerability.
CVE-2023-3872 ↗	Jul 24, 2023Monday, 24 July 2023, 22:15	6.3 MEDIUM	6.5 MEDIUM
A vulnerability classified as critical was found in Campcodes Beauty Salon Management System 1.0. This vulnerability affects unknown code of the file /admin/edit-services.php. The manipulation of the argument editid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-235234 is the identifier assigned to this vulnerability.