Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-01-29 CVE-2023-51839 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Devicefarmer Smartphone Test Farm 3.6.6
DeviceFarmer stf v3.6.6 suffers from Use of a Broken or Risky Cryptographic Algorithm.
network
low complexity
devicefarmer CWE-327
critical
9.1
2024-01-29 CVE-2023-51840 Use of Hard-coded Credentials vulnerability in Html-Js Doracms 2.1.8
DoraCMS 2.1.8 is vulnerable to Use of Hard-coded Cryptographic Key.
network
low complexity
html-js CWE-798
critical
9.8
2024-01-29 CVE-2023-51842 Unspecified vulnerability in Meshcentral 1.1.16
An algorithm-downgrade issue was discovered in Ylianst MeshCentral 1.1.16.
network
low complexity
meshcentral
7.5
2024-01-29 CVE-2024-1018 Cross-site Scripting vulnerability in Pbootcms 3.2.5
A vulnerability classified as problematic has been found in PbootCMS 3.2.5-20230421.
network
low complexity
pbootcms CWE-79
6.1
2024-01-29 CVE-2024-22570 Cross-site Scripting vulnerability in Njtech Greencms 2.3
A stored cross-site scripting (XSS) vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
network
low complexity
njtech CWE-79
5.4
2024-01-29 CVE-2024-24136 Cross-site Scripting vulnerability in Remyandrade Math Game 1.0
The 'Your Name' field in the Submit Score section of Sourcecodester Math Game with Leaderboard v1.0 is vulnerable to Cross-Site Scripting (XSS) attacks.
network
low complexity
remyandrade CWE-79
6.1
2024-01-29 CVE-2024-24139 SQL Injection vulnerability in Remyandrade Login System With Email Verification 1.0
Sourcecodester Login System with Email Verification 1.0 allows SQL Injection via the 'user' parameter.
network
low complexity
remyandrade CWE-89
7.2
2024-01-29 CVE-2024-24140 SQL Injection vulnerability in Remyandrade Daily Habit Tracker 1.0
Sourcecodester Daily Habit Tracker App 1.0 allows SQL Injection via the parameter 'tracker'.
network
low complexity
remyandrade CWE-89
7.2
2024-01-29 CVE-2024-24141 SQL Injection vulnerability in Remyandrade School Task Manager 1.0
Sourcecodester School Task Manager App 1.0 allows SQL Injection via the 'task' parameter.
network
low complexity
remyandrade CWE-89
critical
9.8
2024-01-29 CVE-2023-22836 Unspecified vulnerability in Guardiansoft Guardian
In cases where a multi-tenant stack user is operating Foundry’s Linter service, and the user changes a group name from the default value, the renamed value may be visible to the rest of the stack’s tenants.
network
low complexity
guardiansoft
5.4