Security Vulnerabilities - CVEs Published In March 2023
A vulnerability classified as critical has been found in SourceCodester Online Graduate Tracer System 1.0. Affected is an unknown function of the file admin/adminlog.php. The manipulation of the argument user leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222696.
CVSS Score
6.3
EPSS Score
0.003
Published
2023-03-10
A vulnerability has been found in Ad Blocking Detector Plugin up to 1.2.1 on WordPress and classified as problematic. This vulnerability affects unknown code of the file ad-blocking-detector.php. The manipulation leads to information disclosure. The attack can be initiated remotely. Upgrading to version 1.2.2 is able to address this issue. The patch is identified as 3312b9cd79e5710d1e282fc9216a4e5ab31b3d94. It is recommended to upgrade the affected component. VDB-222610 is the identifier assigned to this vulnerability.
CVSS Score
4.3
EPSS Score
0.007
Published
2023-03-10
A vulnerability was found in Mobile Vikings Django AJAX Utilities up to 1.2.1 and classified as problematic. This issue affects the function Pagination of the file django_ajax/static/ajax-utilities/js/pagination.js of the component Backslash Handler. The manipulation of the argument url leads to cross site scripting. The attack may be initiated remotely. The patch is named 329eb1dd1580ca1f9d4f95bc69939833226515c9. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-222611.
CVSS Score
3.5
EPSS Score
0.003
Published
2023-03-10
radare2 v5.8.3 was discovered to contain a segmentation fault via the component wasm_dis at p/wasm/wasm.c.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-03-10
WebAssembly v1.0.29 was discovered to contain a segmentation fault via the component wabt::cat_compute_size.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-03-10
WebAssembly v1.0.29 discovered to contain an abort in CWriter::MangleType.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-03-10
WebAssembly v1.0.29 was discovered to contain a heap overflow via the component component wabt::Node::operator.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-03-10
WebAssembly v1.0.29 was discovered to contain a segmentation fault via the component wabt::Decompiler::WrapChild.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-03-10
A vulnerability, which was classified as problematic, was found in MMDeveloper A Forms Plugin up to 1.4.2 on WordPress. This affects an unknown part of the file a-forms.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.4.3 is able to address this issue. The identifier of the patch is 3e693197bd69b7173cc16d8d2e0a7d501a2a0b06. It is recommended to upgrade the affected component. The identifier VDB-222609 was assigned to this vulnerability.
CVSS Score
3.5
EPSS Score
0.003
Published
2023-03-10
Authentication Bypass by Primary Weakness in GitHub repository froxlor/froxlor prior to 2.0.13.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-03-10