vulns

---

Vulnerability Notes

• CVE-2023-5195 | Mattermost Delete Team authorization
• CVE-2023-5194 | Mattermost Deactivation permission
• CVE-2023-5193 | Mattermost DM Conversation authorization
• CVE-2023-5159 | Mattermost Manager Role Bot authorization
• CVE-2023-5288 | SICK SIM1012 access control (sca-2023-0008)
• CVE-2023-5196 | Mattermost Notifications resource consumption
• CVE-2023-43944 | SourceCodester Task Management System 1.0 index.php cross site scripting
• CVE-2023-43909 | Hospital Management System up to 4770d appsearch.php app_contact sql injection
• CVE-2023-5287 | BEECMS 4.0 admin_content_tag.php tag cross site scripting
• CVE-2023-5286 | SourceCodester Expense Tracker App v1 Category add_category.php category_name cross site scripting
• CVE-2023-5285 | Tongda OA 2017 prior 11.10 delete.php RECRUITMENT_ID sql injection
• CVE-2023-5284 | SourceCodester Engineers Online Portal 1.0 upload_save_student.php uploaded_file unrestricted upload
• CVE-2023-5283 | SourceCodester Engineers Online Portal 1.0 teacher_signup.php firstname/lastname sql injection
• CVE-2023-5282 | SourceCodester Engineers Online Portal 1.0 seed_message_student.php teacher_id sql injection
• CVE-2023-5281 | SourceCodester Engineers Online Portal 1.0 remove_inbox_message.php id sql injection
• CVE-2023-5280 | SourceCodester Engineers Online Portal 1.0 my_students.php id sql injection
• CVE-2023-5279 | SourceCodester Engineers Online Portal 1.0 my_classmates.php teacher_class_student_id sql injection
• CVE-2023-5278 | SourceCodester Engineers Online Portal 1.0 login.php username/password sql injection
• CVE-2023-5277 | SourceCodester Engineers Online Portal 1.0 student_avatar.php change unrestricted upload
• CVE-2023-5276 | SourceCodester Engineers Online Portal 1.0 downloadable_student.php id sql injection
• CVE-2022-4956 | Caphyon Advanced Installer 19.7 WinSxS DLL uncontrolled search path
• CVE-2023-3413 | GitLab Fork information disclosure (Issue 416284)
• CVE-2023-32477 | Dell Common Event Enabler up to 8.9.8.2 on Windows access control (dsa-2023-310)
• CVE-2023-5198 | GitLab Protected Branch access control (Issue 416957)
• CVE-2023-3922 | GitLab UI injection (Issue 394770)
• CVE-2023-3917 | Gitlab Enterprise Edition Pipeline denial of service (Issue 417896)
• CVE-2023-44469 | LemonLDAP::NG up to 2.17.0 OpenID Connect Issuer request_uri server-side request forgery (Issue 2998)
• CVE-2023-3914 | GitLab Enterprise Edition Internal Project logic error (Issue 418115)
• CVE-2023-3906 | GitLab Enterprise Edition Asset proxy access control (Issue 419213)
• CVE-2023-4532 | GitLab Private Project information disclosure (Issue 423357)
• CVE-2023-3920 | GitLab Project Fork data authenticity (Issue 417481)
• CVE-2023-2233 | GitLab Community Edition/Enterprise Edition Sentry Instance Project improper authorization (Issue 408359)
• CVE-2023-0989 | GitLab Community Edition/Enterprise Edition information disclosure (Issue 417275)
• CVE-2023-3979 | GitLab access control (Issue 419972)
• CVE-2023-3115 | GitLab Enterprise Edition Single Sign On Restriction access control (Issue 414367)
• CVE-2023-30591 | NodeBB up to 2.8.10 Socket.IO Message eventName.startsWith/eventName.toString unexpected data type
• CVE-2023-44466 | Linux Kernel up to 6.4.4 Ceph File System net/ceph/messenger_v2.c buffer overflow (GHSA-jg27-jx6w-xwph)
• CVE-2023-5273 | SourceCodester Best Courier Management System 1.0 manage_parcel_status.php id cross site scripting
• CVE-2023-5272 | SourceCodester Best Courier Management System 1.0 GET Parameter edit_parcel.php id sql injection
• CVE-2023-5271 | SourceCodester Best Courier Management System 1.0 edit_parcel.php email sql injection
• CVE-2023-5270 | SourceCodester Best Courier Management System 1.0 view_parcel.php id sql injection
• CVE-2023-5269 | SourceCodester Best Courier Management System 1.0 GET Parameter parcel_list.php s sql injection
• CVE-2023-5268 | DedeBIZ 6.2 makehtml_taglist_action.php mktime sql injection
• CVE-2023-5267 | Tongda OA 2017 prior 11.10 delete.php EXPERT_ID sql injection
• CVE-2023-5266 | DedeBIZ 6.2 /src/admin/tags_main.php ids sql injection
• CVE-2023-5265 | Tongda OA 2017 prior 11.10 delete.php TRANSFER_ID sql injection
• CVE-2023-5264 | huakecms 3.0 /admin/cms_content.php cid sql injection
• CVE-2023-26146 | ithewei libhv File Name cross site scripting
• CVE-2023-26147 | ithewei libhv ithewei/libhv response splitting
• CVE-2023-44464 | pretix prior 2023.7.2 EPS File Parser Privilege Escalation
• CVE-2023-26148 | ithewei libhv Request Header injection
• CVE-2023-5263 | ZZZCMS 2.1.7 Database Backup File /admin/save.php restore permission
• CVE-2023-5262 | OpenRapid RapidCMS 1.3.1 uploadicon.php isImg fileName unrestricted upload
• CVE-2023-5261 | Tongda OA 2017 prior 11.10 delete.php EVALUATION_ID sql injection
• CVE-2023-5260 | SourceCodester Simple Membership System 1.0 group_validator.php club_id sql injection
• CVE-2023-5259 | ForU CMS /admin/cms_admin.php del denial of service
• CVE-2023-5258 | OpenRapid RapidCMS 1.3.1 /resource/addgood.php sql injection
• CVE-2023-5257 | WhiteHSBG JNDIExploit 1.4 on Windows HTTPServer.java handleFileRequest path traversal
• CVE-2023-44174 | Online Movie Ticket Booking System 1.0 cross site scripting
• CVE-2023-44173 | Online Movie Ticket Booking System 1.0 cross site scripting
• CVE-2023-5053 | Hospital Management System 378c157 sql injection
• CVE-2023-43740 | Online Book Store 1.0 unrestricted upload
• CVE-2023-3775 | Hashicorp Vault Enterprise up to 1.13.7/1.14.3 Sentinel Role Governing Policy denial of service
• CVE-2023-5004 | Hospital Management System 378c157 sql injection
• CVE-2023-4316 | Zod 3.22.2 Email Validation denial of service
• CVE-2023-44168 | Online Movie Ticket Booking System 1.0 process_registration.php phone sql injection
• CVE-2023-43654 | TorchServe up to 0.8.1 server-side request forgery (GHSA-8fxr-qfr9-p34w)
• CVE-2023-41911 | Samsung Exynos 2200 GPU double free
• CVE-2023-5077 | Hashicorp Vault/Vault Enterprise up to 1.12.x Google Cloud Secrets Engine permission assignment
• CVE-2023-44167 | Online Movie Ticket Booking System 1.0 process_registration.php name sql injection
• CVE-2023-44166 | Online Movie Ticket Booking System 1.0 process_registration.php age sql injection
• CVE-2023-44165 | Online Movie Ticket Booking System 1.0 process_login.php Password sql injection
• CVE-2023-44164 | Online Movie Ticket Booking System 1.0 process_login.php Email sql injection
• CVE-2023-43739 | Online Book Store 1.0 cart.php bookisbn sql injection
• CVE-2023-44163 | Online Movie Ticket Booking System 1.0 process_search.php search sql injection
• CVE-2023-43662 | ShokoServer /api/Image/WithPath System.IO.File.OpenRead serverImagePath path traversal (GHSA-mwcv-ghjq-8f2g)
• CVE-2023-43014 | Asset Management System 1.0 user.php first_name/last_name sql injection
• CVE-2023-43013 | Asset Management System 1.0 index.php email sql injection
• CVE-2023-5185 | Gym Management System 1.0 profile/i.php file unrestricted upload
• CVE-2023-42666 | DEXMA DEXGate 20130114 Request information disclosure (icsa-23-271-02)
• CVE-2023-41088 | DEXMA DEXGate 20130114 cleartext transmission (icsa-23-271-02)
• CVE-2023-42435 | DEXMA DEXGate 20130114 cross-site request forgery (icsa-23-271-02)
• CVE-2023-40153 | DEXMA DEXGate 20130114 hostname cross site scripting (icsa-23-271-02)
• CVE-2023-36857 | Baker Hughes Bently Nevada 3500 5.05 authentication replay (icsa-23-269-05)
• CVE-2023-34441 | Baker Hughes Bently Nevada 3500 5.05 cleartext transmission (icsa-23-269-05)
• CVE-2023-34437 | Baker Hughes Bently Nevada 3500 5.05 information disclosure (icsa-23-269-05)
• CVE-2023-4021 | Modern Events Calendar Lite Plugin up to 7.0.x on WordPress cross site scripting
• CVE-2021-33638 | iSula cp Command access control
• CVE-2021-33637 | iSula Export Command access control
• CVE-2021-33636 | iSula Load Command Local Privilege Escalation
• CVE-2021-33635 | iSula Image Pull Remote Code Execution
• CVE-2021-33634 | iSula Image denial of service
• CVE-2023-43657 | discourse-encrypt on Discourse Topic Title cross site scripting (GHSA-5fh6-wp7p-xx7v)
• CVE-2023-43226 | DedeCMS up to 5.7.111 dede/baidunews.php unrestricted upload
• CVE-2023-43323 | mooSocial 3.1.8 DNS Request Privilege Escalation
• CVE-2023-43664 | PrestaShop up to 8.1.1 ajaxProcessGetPossibleHookingListForModule privileges management (GHSA-gvrg-62jp-rf7j)
• CVE-2023-43663 | PrestaShop up to 8.1.1 Module privileges management (GHSA-6jmf-2pfc-q9m7)
• CVE-2023-5256 | Drupal JSON:API Module information exposure (sa-core-2023-006)
• CVE-2023-40375 | IBM i 7.2/7.3/7.4/7.5 Application Server privileges management (XFDB-263580)
• CVE-2023-43044 | IBM License Metric Tool 9.2 URL path traversal (XFDB-266893)