In the dynamic realm of cybersecurity, staying updated on the latest vulnerabilities is imperative.
This edition of AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in the National Vulnerability Database between November 07-08, 2023.
During this period, the National Vulnerability Database published 185 new Common Vulnerabilities and Exposures (CVEs), classified as follows:
Critical: 32
High: 18
Medium: 70
Low: 9
Severity Not Assigned: 56
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2023-41036
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Macvim is a text editor for MacOS. Prior to version 178, Macvim makes use of an insecure interprocess communication (IPC) mechanism which could lead to a privilege escalation. Distributed objects are a concept introduced by Apple which allow one program to vend an interface to another program. What is not made clear in the documentation is that this service can vend this interface to any other program on the machine. The impact of exploitation is a privilege escalation to root - this is likely to affect anyone who is not careful about the software they download and use MacVim to edit files that would require root privileges. Version 178 contains a fix for this issue.
References: https://github.com/macvim-dev/macvim/blob/d9de087dddadbfd82fcb5dc9734380a2f829bd0a/src/MacVim/MMAppController.h#L28
https://github.com/macvim-dev/macvim/commit/399b43e9e1dbf656a1780e87344f4d3c875e4cda
https://github.com/macvim-dev/macvim/security/advisories/GHSA-9jgj-jfwg-99fv
https://github.com/macvim-dev/macvim/blob/d9de087dddadbfd82fcb5dc9734380a2f829bd0a/src/MacVim/MMBackend.h
CWE-ID: CWE-269
Common Platform Enumerations (CPE): Not Found
2. CVE-2023-21671
Base Score: 9.3
Base Severity: CRITICAL
Exploitability Score: 2.5
Impact Score: 6.0
Description: Memory Corruption in Core during syscall for Sectools Fuse comparison feature.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
3. CVE-2023-22388
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Memory Corruption in Multi-mode Call Processor while processing bit mask API.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
4. CVE-2023-24852
Base Score: 8.4
Base Severity: HIGH
Exploitability Score: 2.5
Impact Score: 5.9
Description: Memory Corruption in Core due to secure memory access by user while loading modem image.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
5. CVE-2023-28545
Base Score: 8.2
Base Severity: HIGH
Exploitability Score: 1.5
Impact Score: 6.0
Description: Memory corruption in TZ Secure OS while loading an app ELF.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
6. CVE-2023-28556
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.2
Description: Cryptographic issue in HLOS during key management.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
7. CVE-2023-28574
Base Score: 9.0
Base Severity: CRITICAL
Exploitability Score: 2.5
Impact Score: 5.8
Description: Memory corruption in core services when Diag handler receives a command to configure event listeners.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
8. CVE-2023-33031
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
9. CVE-2023-33045
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
10. CVE-2023-33047
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Transient DOS in WLAN Firmware while parsing no-inherit IES.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
11. CVE-2023-33048
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Transient DOS in WLAN Firmware while parsing t2lm buffers.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
12. CVE-2023-33055
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Memory Corruption in Audio while invoking callback function in driver from ADSP.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
13. CVE-2023-33056
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
14. CVE-2023-33059
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Memory corruption in Audio while processing the VOC packet data from ADSP.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
15. CVE-2023-33061
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
16. CVE-2023-33074
Base Score: 8.4
Base Severity: HIGH
Exploitability Score: 2.5
Impact Score: 5.9
Description: Memory corruption in Audio when SSR event is triggered after music playback is stopped.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
17. CVE-2023-38547
Base Score: 9.9
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 6.0
Description: A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration database. This may lead to remote code execution on the SQL server hosting the Veeam ONE configuration database.
References: https://www.veeam.com/kb4508
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
18. CVE-2023-38548
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service.
References: https://www.veeam.com/kb4508
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
19. CVE-2023-42535
Base Score: 8.4
Base Severity: HIGH
Exploitability Score: 2.5
Impact Score: 5.9
Description: Out-of-bounds Write in read_block of vold prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.
References: https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
20. CVE-2023-5709
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: The WD WidgetTwitter plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 1.0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with contributor-level and above permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
References: https://plugins.trac.wordpress.org/browser/widget-twitter/trunk/twitter.php?rev=2212825#L161
https://www.wordfence.com/threat-intel/vulnerabilities/id/86cdbfec-b1af-48ec-ae70-f97768694e44?source=cve
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
21. CVE-2023-3889
Base Score: 8.1
Base Severity: HIGH
Exploitability Score: 1.4
Impact Score: 6.0
Description: A local non-privileged user can make improper GPU memory processing operations. If the operations are carefully prepared, then they could be used to gain access to already freed memory.
References: https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
CWE-ID: CWE-119 CWE-667
Common Platform Enumerations (CPE): Not Found
22. CVE-2023-42659
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 5.3
Description: In WS_FTP Server versions prior to 8.7.6 and 8.8.4, an unrestricted file upload flaw has been identified. An authenticated Ad Hoc Transfer user has the ability to craft an API call which allows them to upload a file to a specified location on the underlying operating system hosting the WS_FTP Server application.
References: https://community.progress.com/s/article/WS-FTP-Server-Service-Pack-November-2023
https://www.progress.com/ws_ftp
CWE-ID: CWE-434
Common Platform Enumerations (CPE): Not Found
23. CVE-2023-4295
Base Score: 9.3
Base Severity: CRITICAL
Exploitability Score: 2.5
Impact Score: 6.0
Description: A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.
References: https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
CWE-ID: CWE-190 CWE-416
Common Platform Enumerations (CPE): Not Found
24. CVE-2023-5179
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An issue was discovered in Open Design Alliance Drawings SDK before 2024.10. A corrupted value for the start of MiniFat sector in a crafted DGN file leads to an out-of-bounds read. This can allow attackers to cause a crash, potentially enabling a denial-of-service attack (Crash, Exit, or Restart) or possible code execution.
References: https://www.opendesign.com/security-advisories
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
25. CVE-2023-46730
Base Score: 7.4
Base Severity: HIGH
Exploitability Score: 3.1
Impact Score: 3.7
Description: Group-Office is an enterprise CRM and groupware tool. In affected versions there is full Server-Side Request Forgery (SSRF) vulnerability in the /api/upload.php endpoint. The /api/upload.php endpoint does not filter URLs which allows a malicious user to cause the server to make resource requests to untrusted domains. Note that protocols like file:// can also be used to access the server disk. The request result (on success) can then be retrieved using /api/download.php. This issue has been addressed in versions 6.8.15, 6.7.54, and 6.6.177. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References: https://github.com/Intermesh/groupoffice/commit/99205535e8cec6592fd7f1469837926f27c72d50
https://github.com/Intermesh/groupoffice/security/advisories/GHSA-vw6c-h82w-mvfv
CWE-ID: CWE-918
Common Platform Enumerations (CPE): Not Found
26. CVE-2023-46242
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description: XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible to execute content with the right of any user via a crafted URL. A user must have `programming` privileges in order to exploit this vulnerability. This issue has been patched in XWiki 14.10.7 and 15.2RC1. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References: https://github.com/xwiki/xwiki-platform/commit/cf8eb861998ea423c3645d2e5e974420b0e882be
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-hgpw-6p4h-j6h5
https://jira.xwiki.org/browse/XWIKI-20386
CWE-ID: CWE-94
Common Platform Enumerations (CPE): Not Found
27. CVE-2023-46244
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 2.3
Impact Score: 6.0
Description: XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible for a user to write a script in which any velocity content is executed with the right of any other document content author. Since this API requires programming right and the user does not have it, the expected result is `$doc.document.authors.contentAuthor` (not executed script). Unfortunately, with the security vulnerability it is possible for the attacker to get `XWiki.superadmin`, which shows that the title was executed with the right of the unmodified document. This has been patched in XWiki versions 14.10.7 and 15.2RC1. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References: https://github.com/xwiki/xwiki-platform/commit/11a9170dfe63e59f4066db67f84dbfce4ed619c6
https://github.com/xwiki/xwiki-platform/commit/41d7dca2d30084966ca6a7ee537f39ee8354a7e3
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-rmxw-c48h-2vf5
https://jira.xwiki.org/browse/XWIKI-20624
https://jira.xwiki.org/browse/XWIKI-20625
CWE-ID: CWE-863
Common Platform Enumerations (CPE): Not Found
28. CVE-2023-46253
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 2.3
Impact Score: 6.0
Description: Squidex is an open source headless CMS and content management hub. Affected versions are subject to an arbitrary file write vulnerability in the backup restore feature which allows an authenticated attacker to gain remote code execution (RCE). Squidex allows users with the `squidex.admin.restore` permission to create and restore backups. Part of these backups are the assets uploaded to an App. For each asset, the backup zip archive contains a `.asset` file with the actual content of the asset as well as a related `AssetCreatedEventV2` event, which is stored in a JSON file. Amongst other things, the JSON file contains the event type (`AssetCreatedEventV2`), the ID of the asset (`46c05041-9588-4179-b5eb-ddfcd9463e1e`), its filename (`test.txt`), and its file version (`0`). When a backup with this event is restored, the `BackupAssets.ReadAssetAsync` method is responsible for re-creating the asset. For this purpose, it determines the name of the `.asset` file in the zip archive, reads its content, and stores the content in the filestore. When the asset is stored in the filestore via the `UploadAsync` method, the `assetId` and `fileVersion` are passed as arguments. These are further passed to the method `GetFileName`, which determines the filename where the asset should be stored. The `assetId` is inserted into the filename without any sanitization, which allows an attacker with `squidex.admin.restore` privileges to run arbitrary operating system commands on the underlying server (RCE).
References: https://github.com/Squidex/squidex/security/advisories/GHSA-phqq-8g7v-3pg5
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
29. CVE-2023-46243
Base Score: 9.9
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 6.0
Description: XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible for a user to execute any content with the right of an existing document's content author, provided the user has edit right on it. A crafted URL of the form `/xwiki/bin/edit//?content=%7B%7Bgroovy%7D%7Dprintln%28%22Hello+from+Groovy%21%22%29%7B%7B%2Fgroovy%7D%7D&xpage=view` can be used to execute arbitrary groovy code on the server. This vulnerability has been patched in XWiki versions 14.10.6 and 15.2RC1. Users are advised to update. There are no known workarounds for this issue.
References: https://github.com/xwiki/xwiki-platform/commit/a0e6ca083b36be6f183b9af33ae735c1e02010f4
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-g2qq-c5j9-5w5w
https://jira.xwiki.org/browse/XWIKI-20385
CWE-ID: CWE-94
Common Platform Enumerations (CPE): Not Found
30. CVE-2023-4154
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 1.6
Impact Score: 5.9
Description: A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers (RODCs). This flaw allows RODCs and users possessing the GET_CHANGES right to access all attributes, including sensitive secrets and passwords. Even in a default setup, RODC DC accounts, which should only replicate some passwords, can gain access to all domain secrets, including the vital krbtgt, effectively eliminating the RODC / DC distinction. Furthermore, the vulnerability fails to account for error conditions (fail open), like out-of-memory situations, potentially granting access to secret attributes, even under low-privileged attacker influence.
References: https://access.redhat.com/security/cve/CVE-2023-4154
https://bugzilla.redhat.com/show_bug.cgi?id=2241883
https://bugzilla.samba.org/show_bug.cgi?id=15424
https://www.samba.org/samba/security/CVE-2023-4154.html
CWE-ID: CWE-200
Common Platform Enumerations (CPE): Not Found
31. CVE-2023-46676
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'filename' parameter of the sign-up.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/netrebko
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
32. CVE-2023-46677
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txt_uname' parameter of the sign-up.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/netrebko
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
33. CVE-2023-46678
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txt_upass' parameter of the sign-up.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/netrebko
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
34. CVE-2023-46679
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txt_uname_email' parameter of the index.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/netrebko
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
35. CVE-2023-46680
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txt_password' parameter of the index.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/netrebko
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
36. CVE-2023-46785
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter of the partner_preference.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
37. CVE-2023-46786
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'password' parameter of the auth/auth.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
38. CVE-2023-46787
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the auth/auth.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
39. CVE-2023-46788
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter in the 'uploadphoto()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
40. CVE-2023-46789
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'filename' attribute of the 'pic1' multipart parameter of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
41. CVE-2023-46790
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'filename' attribute of the 'pic2' multipart parameter of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
42. CVE-2023-46792
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'filename' attribute of the 'pic4' multipart parameter of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
43. CVE-2023-46793
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'day' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
44. CVE-2023-46794
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'email' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
45. CVE-2023-46795
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'gender' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
46. CVE-2023-46796
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'month' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
47. CVE-2023-46797
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'name' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
48. CVE-2023-46798
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'pass' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
49. CVE-2023-46799
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'year' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
50. CVE-2023-46800
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter of the view_profile.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
Impact Score: 3.6
Description: Transient DOS in WLAN Firmware while parsing no-inherit IES.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
11. CVE-2023-33048
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Transient DOS in WLAN Firmware while parsing t2lm buffers.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
12. CVE-2023-33055
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Memory Corruption in Audio while invoking callback function in driver from ADSP.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
13. CVE-2023-33056
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
14. CVE-2023-33059
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Memory corruption in Audio while processing the VOC packet data from ADSP.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
15. CVE-2023-33061
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
16. CVE-2023-33074
Base Score: 8.4
Base Severity: HIGH
Exploitability Score: 2.5
Impact Score: 5.9
Description: Memory corruption in Audio when SSR event is triggered after music playback is stopped.
References: https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
17. CVE-2023-38547
Base Score: 9.9
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 6.0
Description: A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration database. This may lead to remote code execution on the SQL server hosting the Veeam ONE configuration database.
References: https://www.veeam.com/kb4508
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
18. CVE-2023-38548
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service.
References: https://www.veeam.com/kb4508
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
19. CVE-2023-42535
Base Score: 8.4
Base Severity: HIGH
Exploitability Score: 2.5
Impact Score: 5.9
Description: Out-of-bounds Write in read_block of vold prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.
References: https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
20. CVE-2023-5709
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: The WD WidgetTwitter plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 1.0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with contributor-level and above permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
References: https://plugins.trac.wordpress.org/browser/widget-twitter/trunk/twitter.php?rev=2212825#L161
https://www.wordfence.com/threat-intel/vulnerabilities/id/86cdbfec-b1af-48ec-ae70-f97768694e44?source=cve
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
21. CVE-2023-3889
Base Score: 8.1
Base Severity: HIGH
Exploitability Score: 1.4
Impact Score: 6.0
Description: A local non-privileged user can make improper GPU memory processing operations. If the operations are carefully prepared, then they could be used to gain access to already freed memory.
References: https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
CWE-ID: CWE-119 CWE-667
Common Platform Enumerations (CPE): Not Found
22. CVE-2023-42659
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 5.3
Description: In WS_FTP Server versions prior to 8.7.6 and 8.8.4, an unrestricted file upload flaw has been identified. An authenticated Ad Hoc Transfer user has the ability to craft an API call which allows them to upload a file to a specified location on the underlying operating system hosting the WS_FTP Server application.
References: https://community.progress.com/s/article/WS-FTP-Server-Service-Pack-November-2023
https://www.progress.com/ws_ftp
CWE-ID: CWE-434
Common Platform Enumerations (CPE): Not Found
23. CVE-2023-4295
Base Score: 9.3
Base Severity: CRITICAL
Exploitability Score: 2.5
Impact Score: 6.0
Description: A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.
References: https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities
CWE-ID: CWE-190 CWE-416
Common Platform Enumerations (CPE): Not Found
24. CVE-2023-5179
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An issue was discovered in Open Design Alliance Drawings SDK before 2024.10. A corrupted value for the start of MiniFat sector in a crafted DGN file leads to an out-of-bounds read. This can allow attackers to cause a crash, potentially enabling a denial-of-service attack (Crash, Exit, or Restart) or possible code execution.
References: https://www.opendesign.com/security-advisories
CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found
25. CVE-2023-46730
Base Score: 7.4
Base Severity: HIGH
Exploitability Score: 3.1
Impact Score: 3.7
Description: Group-Office is an enterprise CRM and groupware tool. In affected versions there is a full Server-Side Request Forgery (SSRF) vulnerability in the /api/upload.php endpoint. The /api/upload.php endpoint does not filter URLs, which allows a malicious user to cause the server to make resource requests to untrusted domains. Note that protocols like file:// can also be used to access the server disk. The request result (on success) can then be retrieved using /api/download.php. This issue has been addressed in versions 6.8.15, 6.7.54, and 6.6.177. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References: https://github.com/Intermesh/groupoffice/commit/99205535e8cec6592fd7f1469837926f27c72d50
https://github.com/Intermesh/groupoffice/security/advisories/GHSA-vw6c-h82w-mvfv
CWE-ID: CWE-918
Common Platform Enumerations (CPE): Not Found
26. CVE-2023-46242
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description: XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible to execute a content with the right of any user via a crafted URL. A user must have `programming` privileges in order to exploit this vulnerability. This issue has been patched in XWiki 14.10.7 and 15.2RC1. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References: https://github.com/xwiki/xwiki-platform/commit/cf8eb861998ea423c3645d2e5e974420b0e882be
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-hgpw-6p4h-j6h5
https://jira.xwiki.org/browse/XWIKI-20386
CWE-ID: CWE-94
Common Platform Enumerations (CPE): Not Found
27. CVE-2023-46244
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 2.3
Impact Score: 6.0
Description: XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible for a user to write a script in which any velocity content is executed with the right of any other document content author. Since this API requires programming right and the user does not have it, the expected result is `$doc.document.authors.contentAuthor` (not executed script). Unfortunately, with the security vulnerability it is possible for the attacker to get `XWiki.superadmin`, which shows that the title was executed with the right of the unmodified document. This has been patched in XWiki versions 14.10.7 and 15.2RC1. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References: https://github.com/xwiki/xwiki-platform/commit/11a9170dfe63e59f4066db67f84dbfce4ed619c6
https://github.com/xwiki/xwiki-platform/commit/41d7dca2d30084966ca6a7ee537f39ee8354a7e3
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-rmxw-c48h-2vf5
https://jira.xwiki.org/browse/XWIKI-20624
https://jira.xwiki.org/browse/XWIKI-20625
CWE-ID: CWE-863
Common Platform Enumerations (CPE): Not Found
28. CVE-2023-46253
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 2.3
Impact Score: 6.0
Description: Squidex is an open source headless CMS and content management hub. Affected versions are subject to an arbitrary file write vulnerability in the backup restore feature which allows an authenticated attacker to gain remote code execution (RCE). Squidex allows users with the `squidex.admin.restore` permission to create and restore backups. Part of these backups are the assets uploaded to an App. For each asset, the backup zip archive contains a `.asset` file with the actual content of the asset as well as a related `AssetCreatedEventV2` event, which is stored in a JSON file. Amongst other things, the JSON file contains the event type (`AssetCreatedEventV2`), the ID of the asset (`46c05041-9588-4179-b5eb-ddfcd9463e1e`), its filename (`test.txt`), and its file version (`0`). When a backup with this event is restored, the `BackupAssets.ReadAssetAsync` method is responsible for re-creating the asset. For this purpose, it determines the name of the `.asset` file in the zip archive, reads its content, and stores the content in the filestore. When the asset is stored in the filestore via the `UploadAsync` method, the `assetId` and `fileVersion` are passed as arguments. These are further passed to the method `GetFileName`, which determines the filename where the asset should be stored. The `assetId` is inserted into the filename without any sanitization, which allows an attacker with `squidex.admin.restore` privileges to run arbitrary operating system commands on the underlying server (RCE).
References: https://github.com/Squidex/squidex/security/advisories/GHSA-phqq-8g7v-3pg5
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
29. CVE-2023-46243
Base Score: 9.9
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 6.0
Description: XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible for a user to execute any content with the right of an existing document's content author, provided the user has edit right on it. A crafted URL of the form ` /xwiki/bin/edit//?content=%7B%7Bgroovy%7D%7Dprintln%28%22Hello+from+Groovy%21%22%29%7B%7B%2Fgroovy%7D%7D&xpage=view` can be used to execute arbitrary groovy code on the server. This vulnerability has been patched in XWiki versions 14.10.6 and 15.2RC1. Users are advised to update. There are no known workarounds for this issue.
References: https://github.com/xwiki/xwiki-platform/commit/a0e6ca083b36be6f183b9af33ae735c1e02010f4
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-g2qq-c5j9-5w5w
https://jira.xwiki.org/browse/XWIKI-20385
CWE-ID: CWE-94
Common Platform Enumerations (CPE): Not Found
30. CVE-2023-4154
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 1.6
Impact Score: 5.9
Description: A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers (RODCs). This flaw allows RODCs and users possessing the GET_CHANGES right to access all attributes, including sensitive secrets and passwords. Even in a default setup, RODC DC accounts, which should only replicate some passwords, can gain access to all domain secrets, including the vital krbtgt, effectively eliminating the RODC / DC distinction. Furthermore, the vulnerability fails to account for error conditions (fail open), like out-of-memory situations, potentially granting access to secret attributes, even under low-privileged attacker influence.
References: https://access.redhat.com/security/cve/CVE-2023-4154
https://bugzilla.redhat.com/show_bug.cgi?id=2241883
https://bugzilla.samba.org/show_bug.cgi?id=15424
https://www.samba.org/samba/security/CVE-2023-4154.html
CWE-ID: CWE-200
Common Platform Enumerations (CPE): Not Found
31. CVE-2023-46676
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'filename' parameter of the sign-up.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/netrebko
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
32. CVE-2023-46677
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txt_uname' parameter of the sign-up.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/netrebko
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
33. CVE-2023-46678
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txt_upass' parameter of the sign-up.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/netrebko
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
34. CVE-2023-46679
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txt_uname_email' parameter of the index.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/netrebko
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
35. CVE-2023-46680
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txt_password' parameter of the index.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/netrebko
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
36. CVE-2023-46785
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter of the partner_preference.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
37. CVE-2023-46786
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'password' parameter of the auth/auth.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
38. CVE-2023-46787
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the auth/auth.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
39. CVE-2023-46788
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter in the 'uploadphoto()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
40. CVE-2023-46789
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'filename' attribute of the 'pic1' multipart parameter of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
41. CVE-2023-46790
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'filename' attribute of the 'pic2' multipart parameter of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
42. CVE-2023-46792
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'filename' attribute of the 'pic4' multipart parameter of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
43. CVE-2023-46793
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'day' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
44. CVE-2023-46794
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'email' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
45. CVE-2023-46795
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'gender' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
46. CVE-2023-46796
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'month' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
47. CVE-2023-46797
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'name' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
48. CVE-2023-46798
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'pass' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
49. CVE-2023-46799
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'year' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
50. CVE-2023-46800
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter of the view_profile.php resource does not validate the characters received and they are sent unfiltered to the database.
References: https://fluidattacks.com/advisories/ros
https://projectworlds.in
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found