| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-7215 | Chanzhaoyu chatgpt-web cross site scripting | Chanzhaoyu | chatgpt-web | Low | 3.5 | 2024-01-08 01:31:04 | Deep Dive |
| CVE-2023-52121 | WordPress NitroPack Plugin <= 1.10.2 is vulnerable to Cross Site Request Forgery (CSRF) | NitroPack Inc. | NitroPack – Cache & Speed Optimization for Core Web Vitals, Defer CSS & JavaScript, Lazy load Images | Medium | 5.4 | 2024-01-05 09:22:33 | Deep Dive |
| CVE-2023-7116 | WeiYe-Jing datax-web HTTP POST Request killJob os command injection | WeiYe-Jing | datax-web | Medium | 6.3 | 2023-12-27 15:31:04 | Deep Dive |
| CVE-2023-50712 | Improper Neutralization of Alternate XSS Syntax in iris-web | dfir-iris | iris-web | Medium | 4.6 | 2023-12-22 19:19:31 | Deep Dive |
| CVE-2023-35883 | WordPress Core Web Vitals & PageSpeed Booster Plugin <= 1.0.12 is vulnerable to Open Redirection | Magazine3 | Core Web Vitals & PageSpeed Booster | Medium | 4.7 | 2023-12-19 20:11:12 | Deep Dive |
| CVE-2023-6065 | Quttera Web Malware Scanner < 3.4.2.1 - Directory Listing to Sensitive Data Exposure | Unknown | Quttera Web Malware Scanner | 中危 | - | 2023-12-18 20:07:57 | Deep Dive |
| CVE-2023-6222 | Quttera Web Malware Scanner < 3.4.2.1 - Admin+ Path Traversal | Unknown | Quttera Web Malware Scanner | - | - | 2023-12-18 20:07:54 | Deep Dive |
| CVE-2023-48390 | Multisuns EasyLog web+ - Command Injection | Multisuns | EasyLog web+ | Critical | 9.8 | 2023-12-15 08:55:09 | Deep Dive |
| CVE-2023-48389 | Multisuns EasyLog web+ - Path Traversal | Multisuns | EasyLog web+ | High | 7.5 | 2023-12-15 08:50:43 | Deep Dive |
| CVE-2023-48388 | Multisuns EasyLog web+ - Use of Hard-coded Password | Multisuns | EasyLog web+ | Critical | 9.8 | 2023-12-15 08:45:57 | Deep Dive |
| CVE-2023-48376 | SmartStar Software CWS Web-Base - Arbitrary File Upload | SmartStar Software | CWS Web-Base | Critical | 9.8 | 2023-12-15 07:52:31 | Deep Dive |
| CVE-2023-48375 | SmartStar Software CWS Web-Base - Broken Access Control | SmartStar Software | CWS Web-Base | High | 8.8 | 2023-12-15 07:46:16 | Deep Dive |
| CVE-2023-48374 | SmartStar Software CWS Web-Base - Use of Hard-coded Credentials | SmartStar Software | CWS Web-Base | Medium | 6.5 | 2023-12-15 07:39:48 | Deep Dive |
| CVE-2023-40656 | Extension - plasma-web.ru - Reflected XSS in Quickform component for Joomla 1.0.0-3.3.01 | plasma-web.ru | Quickform component for Joomla | - | - | 2023-12-14 08:52:00 | Deep Dive |
| CVE-2023-42476 | Cross Site Scripting vulnerability in SAP BusinessObjects Web Intelligence | SAP_SE | SAP BusinessObjects Web Intelligence | Medium | 6.8 | 2023-12-12 00:58:06 | Deep Dive |
| CVE-2023-6659 | Campcodes Web-Based Student Clearance System login.php sql injection | Campcodes | Web-Based Student Clearance System | Medium | 6.3 | 2023-12-11 00:31:04 | Deep Dive |
| CVE-2023-35039 | WordPress Password Reset with Code for WordPress REST API Plugin <= 0.0.15 is vulnerable to Broken Authentication | Be Devious Web Development | Password Reset with Code for WordPress REST API | Critical | 9.8 | 2023-12-07 11:27:16 | Deep Dive |
| CVE-2023-42572 | SAMSUNG Mobile devices 安全漏洞 | Samsung Mobile | Samsung Account Web SDK | Low | 3.3 | 2023-12-05 02:44:30 | Deep Dive |
| CVE-2023-48744 | WordPress Availability Calendar Plugin <= 1.2.6 is vulnerable to Cross Site Request Forgery (CSRF) | Offshore Web Master | Availability Calendar | Medium | 5.4 | 2023-11-30 12:33:49 | Deep Dive |
| CVE-2023-49078 | Cross-Site Scripting vulnerability in raptor-web 0.4.4 | zediious | raptor-web | Medium | 5.4 | 2023-11-28 18:15:24 | Deep Dive |