Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

access:pre-auth — CVE vulnerabilities tagged 18960

18960 CVE security advisories tagged "access:pre-auth" with AI Chinese analysis, CVSS, references and POCs.

CVE IDTitleCVSSSeverityPublished
CVE-2023-50864 Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi) — Travel WebsiteCWE-89 9.8 Critical2024-01-04
CVE-2023-50863 Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi) — Travel WebsiteCWE-89 9.8 Critical2024-01-04
CVE-2023-50862 Travel Website v1.0 - Multiple Unauthenticated SQL Injections (SQLi) — Travel WebsiteCWE-89 9.8 Critical2024-01-04
CVE-2023-50753 Online Notice Board System v1.0 - Multiple Unauthenticated SQL Injections (SQLi) — Online Notice Board SystemCWE-89 9.8 Critical2024-01-04
CVE-2023-50752 Online Notice Board System v1.0 - Multiple Unauthenticated SQL Injections (SQLi) — Online Notice Board SystemCWE-89 9.8 Critical2024-01-04
CVE-2023-50743 Online Notice Board System v1.0 - Multiple Unauthenticated SQL Injections (SQLi) — Online Notice Board SystemCWE-89 9.8 Critical2024-01-04
CVE-2023-49666 Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi) — Billing SoftwareCWE-89 9.8 Critical2024-01-04
CVE-2023-49665 Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi) — Billing SoftwareCWE-89 9.8 Critical2024-01-04
CVE-2023-49658 Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi) — Billing SoftwareCWE-89 9.8 Critical2024-01-04
CVE-2023-49639 Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi) — Billing SoftwareCWE-89 9.8 Critical2024-01-04
CVE-2023-49633 Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi) — Billing SoftwareCWE-89 9.8 Critical2024-01-04
CVE-2023-49625 Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi) — Billing SoftwareCWE-89 9.8 Critical2024-01-04
CVE-2023-49624 Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi) — Billing SoftwareCWE-89 9.8 Critical2024-01-04
CVE-2023-49622 Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi) — Billing SoftwareCWE-89 9.8 Critical2024-01-04
CVE-2023-5881 Unauthenticated access permitted to web interface page "Garage Door Control Module Setup" — Aladdin Connect (Retrofit-Kit)CWE-306 7.5AIHighAI2024-01-03
CVE-2024-21911 Cross-site scripting vulnerability in TinyMCE CWE-79 6.1AIMediumAI2024-01-03
CVE-2024-21910 Cross-site scripting vulnerability in TinyMCE plugins CWE-79 6.1AIMediumAI2024-01-03
CVE-2024-21909 Denial of service in CBOR library CWE-407 7.5AIHighAI2024-01-03
CVE-2024-21908 Cross-site scripting vulnerability in TinyMCE CWE-79 6.1AIMediumAI2024-01-03
CVE-2024-21907 Improper Handling of Exceptional Conditions in Newtonsoft.Json CWE-755 7.5AIHighAI2024-01-03
CVE-2023-6984 PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) <= 2.7.13 - Cross-Site Request Forgery — PowerPack Addons for Elementor (Free Widgets, Extensions and Templates)CWE-352 5.3 Medium2024-01-03
CVE-2023-6980 WP SMS <= 6.5 - Cross-Site Request Forgery to Subscriber Deletion — WSMS (formerly WP SMS) – SMS & MMS Notifications with OTP and 2FA for WooCommerceCWE-352 4.3 Medium2024-01-03
CVE-2023-6600 OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy. <= 5.7.9 - Missing Authorization to Unauthenticated Directory Deletion and Cross-Site Scripting — OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy.CWE-862 8.6 High2024-01-03
CVE-2023-6629 POST SMTP Mailer <= 2.8.6 - Reflected Cross-Site Scripting via msg — Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile AppCWE-79 6.1 Medium2024-01-03
CVE-2023-7027 POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress <= 2.8.7 - Unauthenticated Stored Cross-Site Scripting via device — Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile AppCWE-79 7.2 High2024-01-03
CVE-2023-45724 Unauthenticated File Upload affects DRYiCE MyXalytics — DRYiCE MyXalytics 8.2 High2024-01-03
CVE-2023-50344 Unauthenticated File Downloads affect DRYiCE MyXalytics — DRYiCE MyXalytics 5.4 Medium2024-01-03
CVE-2023-45892 Floorsight Insights Q3 2023 安全漏洞 — n/a 7.5AIHighAI2024-01-02
CVE-2023-45893 Floorsight Software Customer Portal 安全漏洞 — n/a 7.5AIHighAI2024-01-02
CVE-2023-6113 WP Staging (Free < 3.1.3, Pro < 5.1.3) - Unauthenticated Backup Download — WP STAGING WordPress Backup Plugin 7.5 -2024-01-01

Vulnerabilities classified as access:pre-auth represent 18960 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.