CVEs from 2023
Total
6,124
critical
critical 239
high
high 1,503
medium
medium 1,409
low
low 31
% Critical
3.9%
% with KEV
2.7%
% with exploit
3.5%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- ftmg-esr50sxx 8
- ftmg-esn40sxx 8
- ftmg-esd25axx 8
- ftmg-esr40sxx 8
- ftmg-esd15axx 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-2045 | critical | 9.8 | 9.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ipekyolu Software Auto Damage Tracking Software allows SQL Injection. This issue affects Auto Da… | |||
| CVE-2023-2750 | critical | 9.8 | 9.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cityboss E-municipality allows SQL Injection. This issue affects E-municipality: before 6.05. | |||
| CVE-2023-1508 | critical | 9.8 | 9.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adam Retail Automation Systems Mobilmen Terminal Software allows SQL Injection. This issue affec… | |||
| CVE-2023-2713 | critical | 9.8 | 9.8 | 3y ago | Authorization Bypass Through User-Controlled Key vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Authentication Abuse, Authentication Bypass. Thi… | |||
| CVE-2023-2712 | critical | 9.8 | 9.8 | 3y ago | Unrestricted Upload of File with Dangerous Type vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Command Injection, Using Malicious Files, Upload a… | |||
| CVE-2023-1873 | critical | 9.8 | 9.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Faturamatik Bircard allows SQL Injection. This issue affects Bircard: before 23.04.05. | |||
| CVE-2023-1723 | critical | 9.8 | 9.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Veragroup Mobile Assistant allows SQL Injection. This issue affects Mobile Assistant: before 21.… | |||
| CVE-2023-1833 | critical | 9.8 | 9.8 | 3y ago | Authentication Bypass by Primary Weakness vulnerability in DTS Electronics Redline Router firmware allows Authentication Bypass. This issue affects Redline Router: before 7.17. | |||
| CVE-2023-1803 | critical | 9.8 | 9.8 | 3y ago | Authentication Bypass by Alternate Name vulnerability in DTS Electronics Redline Router firmware allows Authentication Bypass. This issue affects Redline Router: before 7.17. | |||
| CVE-2023-1863 | critical | 9.8 | 9.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eskom Water Metering Software allows Command Line Execution through SQL Injection. This issue af… | |||
| CVE-2023-1728 | critical | 9.8 | 9.8 | 3y ago | Unrestricted Upload of File with Dangerous Type vulnerability in Fernus Informatics LMS allows OS Command Injection, Server Side Include (SSI) Injection. This issue affects LMS: before 23.04.03. | |||
| CVE-2023-1765 | critical | 9.8 | 9.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Akbim Computer Panon allows SQL Injection. This issue affects Panon: before 1.0.2. | |||
| CVE-2023-1725 | critical | 9.8 | 9.8 | 3y ago | Server-Side Request Forgery (SSRF) vulnerability in Infoline Project Management System allows Server Side Request Forgery. This issue affects Project Management System: before 4.09.31.125. | |||
| CVE-2023-1050 | critical | 9.8 | 9.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in As Koc Energy Web Report System allows SQL Injection. This issue affects Web Report System: befo… | |||
| CVE-2023-1153 | critical | 9.8 | 9.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pacsrapor allows SQL Injection, Command Line Execution through SQL Injection. This issue affects… | |||
| CVE-2023-1152 | critical | 9.8 | 9.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Utarit Information Technologies Persolus allows SQL Injection. This issue affects Persolus: befor… | |||
| CVE-2023-28531 | critical | 9.8 | 9.8 | 3y ago | ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9. | |||
| CVE-2023-1198 | critical | 9.8 | 9.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saysis Starcities allows SQL Injection. This issue affects Starcities: through 1.3. | |||
| CVE-2023-1091 | critical | 9.8 | 9.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Alpata Licensed Warehousing Automation System allows Command Line Execution through SQL Injection… | |||
| CVE-2023-1251 | critical | 9.8 | 9.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Akinsoft Wolvox. This issue affects Wolvox: before 8.02.03. | |||
| CVE-2023-1267 | critical | 9.8 | 9.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ulkem Company PtteM Kart. This issue affects PtteM Kart: before 2.1. | |||
| CVE-2023-0979 | critical | 9.8 | 9.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MedData MedDataPACS allows SQL Injection. This issue affects MedDataPACS : before 2023-03-03. | |||
| CVE-2023-0839 | critical | 9.8 | 9.8 | 3y ago | Improper Protection for Outbound Error Messages and Alert Signals vulnerability in ProMIS Process Co. InSCADA allows Account Footprinting. This issue affects inSCADA: before 20230115-1. | |||
| CVE-2023-1114 | critical | 9.8 | 9.8 | 3y ago | Missing Authorization vulnerability in Eskom e-Belediye allows Information Elicitation. This issue affects e-Belediye: from 1.0.0.95 before 1.0.0.100. | |||
| CVE-2023-1064 | critical | 9.8 | 9.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Uzay Baskul Weighbridge Automation Software allows SQL Injection. This issue affects Weighbridge… | |||
| CVE-2023-0939 | critical | 9.8 | 9.8 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NTN Information Technologies Online Services Software allows SQL Injection. This issue affects O… | |||
| CVE-2023-33150 | critical | 9.6 | 9.6 | 3y ago | Microsoft Office Security Feature Bypass Vulnerability | |||
| CVE-2023-43641 | critical | — | 9.5 | — | libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited… | |||
| CVE-2023-43000 | high | — | 9.5 | 2y ago | Apple macOS, iOS, iPadOS, and Safari 16.6 contain a use-after-free vulnerability due to the processing of maliciously crafted web content that may lead to memory corruption. | |||
| CVE-2023-42917 | high | — | 9.5 | 3y ago | Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTM… | |||
| CVE-2023-46847 | critical | — | 9.5 | 3y ago | RHSA-2023:7213: squid:4 security update (Critical) | |||
| CVE-2023-46846 | critical | — | 9.5 | 3y ago | RHSA-2023:7213: squid:4 security update (Critical) | |||
| CVE-2023-46848 | critical | — | 9.5 | 3y ago | Critical: squid security update | |||
| CVE-2023-45853 | critical | — | 9.5 | 3y ago | pyminizip affected by zlib's integer overflow/heap based buffer overflow vulnerability due to vulnerable dependency | |||
| CVE-2023-5217 | high | — | 9.5 | 3y ago | Google Chromium libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability c… | |||
| CVE-2023-4863 | high | — | 9.5 | 3y ago | Google Chromium WebP contains a heap-based buffer overflow vulnerability that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. This vulnerability can affect … | |||
| CVE-2023-38180 | high | — | 9.5 | 3y ago | Microsoft .NET Core and Visual Studio contain an unspecified vulnerability that allows for denial-of-service (DoS). | |||
| CVE-2023-37450 | high | — | 9.5 | 3y ago | Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML par… | |||
| CVE-2023-42916 | high | — | 9.5 | 3y ago | Apple iOS, iPadOS, macOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive information when processing maliciously crafted web content. This vulnerability cou… | |||
| CVE-2023-32439 | high | — | 9.5 | 3y ago | Apple iOS, iPadOS, macOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML p… | |||
| CVE-2023-41993 | high | — | 9.5 | 3y ago | Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML par… | |||
| CVE-2023-32435 | high | — | 9.5 | 3y ago | Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTM… | |||
| CVE-2023-29403 | critical | — | 9.5 | 3y ago | RHSA-2023:3922: go-toolset:rhel8 security update (Critical) | |||
| CVE-2023-29405 | critical | — | 9.5 | 3y ago | RHSA-2023:3922: go-toolset:rhel8 security update (Critical) | |||
| CVE-2023-29404 | critical | — | 9.5 | 3y ago | RHSA-2023:3922: go-toolset:rhel8 security update (Critical) | |||
| CVE-2023-29402 | critical | — | 9.5 | 3y ago | RHSA-2023:3922: go-toolset:rhel8 security update (Critical) | |||
| CVE-2023-32373 | high | — | 9.5 | 3y ago | Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability coul… | |||
| CVE-2023-28204 | high | — | 9.5 | 3y ago | Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive information when processing maliciously crafted web content. This vu… | |||
| CVE-2023-28205 | high | — | 9.5 | 3y ago | Apple iOS, iPadOS, macOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML p… | |||
| CVE-2023-0266 | high | — | 9.5 | 3y ago | Linux kernel contains a use-after-free vulnerability that allows for privilege escalation to gain ring0 access from the system user. | |||
| CVE-2023-23529 | high | — | 9.5 | 3y ago | Apple iOS, MacOS, Safari and iPadOS WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML pa… | |||
| CVE-2023-28787 | critical | 9.3 | 9.3 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Quiz And Survey Master.This issue affects Quiz And Survey Master: from n/a through 8.… | |||
| CVE-2023-24215 | critical | 9.1 | 9.1 | 16d ago | Incorrect access control in the /uci/get/ endpoint of NOVUS AirGate 4G firmware v1.1.16 allows unauthenticated attackers to obtain administrator credentials via a crafted POST request. | |||
| CVE-2023-47842 | critical | 9.1 | 9.1 | 2y ago | Unrestricted Upload of File with Dangerous Type vulnerability in Zachary Segal CataBlog.This issue affects CataBlog: from n/a through 1.7.0. | |||
| CVE-2023-29386 | critical | 9.1 | 9.1 | 2y ago | Unrestricted Upload of File with Dangerous Type vulnerability in Julien Crego Manager for Icomoon.This issue affects Manager for Icomoon: from n/a through 2.0. | |||
| CVE-2023-49166 | critical | 9.1 | 9.1 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Magic Logix MSync.This issue affects MSync: from n/a through 1.0.0. | |||
| CVE-2023-49161 | critical | 9.1 | 9.1 | 3y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Guelben Bravo Translate.This issue affects Bravo Translate: from n/a through 1.2. | |||
| CVE-2023-1998 | high | — | 9.0 | 3y ago | The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that… | |||
| CVE-2023-22809 | high | — | 9.0 | 3y ago | In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to app… | |||
| CVE-2023-54348 | high | 8.8 | 8.8 | 1mo ago | ERPGo SaaS 3.9 contains a CSV injection vulnerability that allows authenticated attackers to inject spreadsheet formulas into vendor name fields that execute on the workstation of users who open the … | |||
| CVE-2023-54345 | high | 8.8 | 8.8 | 1mo ago | Frappe Framework ERPNext 13.4.0 contains a sandbox escape vulnerability in RestrictedPython that allows authenticated users with System Manager role to execute arbitrary code by exploiting frame intr… | |||
| CVE-2023-53888 | high | 8.8 | 8.8 | 6mo ago | Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject and execute arbitrary PHP code through file manipulation endpoints. Attackers can upload files… | |||
| CVE-2023-47179 | high | 8.8 | 8.8 | 1y ago | Missing Authorization vulnerability in mdalabar WooODT Lite byconsole-woo-order-delivery-time allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooODT Lite: f… | |||
| CVE-2023-45760 | high | 8.8 | 8.8 | 1y ago | Missing Authorization vulnerability in AdvancedCoding wpDiscuz wpdiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through <= 7.6.3. | |||
| CVE-2023-45104 | high | 8.8 | 8.8 | 1y ago | Missing Authorization vulnerability in WPDeveloper BetterLinks betterlinks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BetterLinks: from n/a through <= … | |||
| CVE-2023-41870 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Crowdfunding: from n/a through 2.1.5. | |||
| CVE-2023-41695 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in Adnan Analytify wp-analytify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Analytify: from n/a through <= 5.1.0. | |||
| CVE-2023-40334 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in RealMag777 HUSKY woocommerce-products-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HUSKY: from n/a through … | |||
| CVE-2023-40203 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in MailMunch MailChimp Forms by MailMunch allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MailChimp Forms by MailMunch: … | |||
| CVE-2023-38475 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in RedNao Donations Made Easy – Smart Donations allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Donations Made Easy – Sm… | |||
| CVE-2023-38385 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in Artbees JupiterX Core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JupiterX Core: from 3.0.0 through 3.3.0. | |||
| CVE-2023-35051 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in Cimatti Consulting Contact Forms by Cimatti allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Forms by Cimatti:… | |||
| CVE-2023-33996 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in СleanTalk - Anti-Spam Protection Spam protection, AntiSpam, FireWall by CleanTalk allows Exploiting Incorrectly Configured Access Control Security Levels.This i… | |||
| CVE-2023-51360 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential… | |||
| CVE-2023-51359 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential… | |||
| CVE-2023-49856 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in EDGARROJAS Smart Forms smart-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Forms: from n/a through <= 2… | |||
| CVE-2023-49756 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in Arraytics Eventin wp-event-solution allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventin: from n/a through <= 3.3.… | |||
| CVE-2023-47760 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential… | |||
| CVE-2023-30873 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through 1.9.8. | |||
| CVE-2023-24407 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in WpDevArt Booking calendar, Appointment Booking System allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking calenda… | |||
| CVE-2023-23825 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0. | |||
| CVE-2023-23715 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in JobBoardWP JobBoardWP – Job Board Listings and Submissions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JobBoardWP… | |||
| CVE-2023-31090 | high | 8.8 | 8.8 | 2y ago | Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows Upload a Web Shell to a Web Server.This i… | |||
| CVE-2023-51515 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in Undsgn Uncode Core allows Privilege Escalation.This issue affects Uncode Core: from n/a through 2.8.8. | |||
| CVE-2023-6523 | high | 8.8 | 8.8 | 2y ago | Authorization Bypass Through User-Controlled Key vulnerability in ExtremePacs Extreme XDS allows Authentication Abuse. This issue affects Extreme XDS: before 3914. | |||
| CVE-2023-39309 | high | 8.8 | 8.8 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1. | |||
| CVE-2023-44999 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.6.0. | |||
| CVE-2023-39311 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1. | |||
| CVE-2023-48777 | high | 8.8 | 8.8 | 2y ago | Unrestricted Upload of File with Dangerous Type vulnerability in Elementor.Com Elementor Website Builder.This issue affects Elementor Website Builder: from 3.3.0 through 3.18.1. | |||
| CVE-2023-39307 | high | 8.8 | 8.8 | 2y ago | Unrestricted Upload of File with Dangerous Type vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through 7.11.1. | |||
| CVE-2023-27459 | high | 8.8 | 8.8 | 2y ago | Deserialization of Untrusted Data vulnerability in WPEverest User Registration.This issue affects User Registration: from n/a through 2.3.2.1. | |||
| CVE-2023-52214 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in voidCoders Void Contact Form 7 Widget For Elementor Page Builder.This issue affects Void Contact Form 7 Widget For Elementor Page Builder: from n/a through 2.3. | |||
| CVE-2023-25039 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in CodePeople Google Maps CP.This issue affects Google Maps CP: from n/a through 1.0.43. | |||
| CVE-2023-37886 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in InspiryThemes RealHomes.This issue affects RealHomes: from n/a through 4.0.2. | |||
| CVE-2023-37885 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in InspiryThemes RealHomes.This issue affects RealHomes: from n/a through 4.0.2. | |||
| CVE-2023-51487 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in ARI Soft ARI Stream Quiz.This issue affects ARI Stream Quiz: from n/a through 1.2.32. | |||
| CVE-2023-51486 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in RedNao WooCommerce PDF Invoice Builder.This issue affects WooCommerce PDF Invoice Builder: from n/a through 1.2.101. | |||
| CVE-2023-51474 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Pixelemu TerraClassifieds.This issue affects TerraClassifieds: from n/a through 2.0.3. | |||
| CVE-2023-51512 | high | 8.8 | 8.8 | 2y ago | Cross Site Request Forgery (CSRF) vulnerability in WBW Product Table by WBW.This issue affects Product Table by WBW: from n/a through 1.8.6. | |||
| CVE-2023-51510 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Atlas Gondal Export Media URLs.This issue affects Export Media URLs: from n/a through 1.0. |