Security Vulnerabilities - CVEs Published In November 2023
An information leak in Tokudaya.honten v13.6.1 allows attackers to obtain the channel access token and send crafted messages.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-11-02
An information leak in Daiky-value.Fukueten v13.6.1 allows attackers to obtain the channel access token and send crafted messages.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-11-02
An information leak in VISION MEAT WORKS Track Diner 10/10mbl v13.6.1 allows attackers to obtain the channel access token and send crafted messages.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-11-02
An information leak in Hattoriya v13.6.1 allows attackers to obtain the channel access token and send crafted messages.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-11-02
An information leak in Tokudaya.ekimae_mc v13.6.1 allows attackers to obtain the channel access token and send crafted messages.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-11-02
A vulnerability was found in Campcodes Simple Student Information System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/students/manage_academic.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-244329 was assigned to this vulnerability.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-11-02
A vulnerability was found in Campcodes Simple Student Information System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/students/manage_academic.php. The manipulation of the argument student_id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-244330 is the identifier assigned to this vulnerability.
CVSS Score
3.5
EPSS Score
0.001
Published
2023-11-02
An issue was discovered in IhisiServicesSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There are arbitrary calls to SetVariable with unsanitized arguments in the SMI handler.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-11-02
A vulnerability, which was classified as critical, has been found in Campcodes Simple Student Information System 1.0. This issue affects some unknown processing of the file /classes/Master.php. The manipulation of the argument f leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-244325 was assigned to this vulnerability.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-11-02
A vulnerability, which was classified as critical, was found in Campcodes Simple Student Information System 1.0. Affected is an unknown function of the file /admin/students/update_status.php. The manipulation of the argument student_id leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-244326 is the identifier assigned to this vulnerability.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-11-02