CVE-2023-1689

A vulnerability classified as problematic was found in SourceCodester Earnings and Expense Tracker App 1.0. This vulnerability affects unknown code of the file Master.php?asave_earning. Manipulation of the argument name leads to cross-site scripting. The attack can be initiated remotely. The identifier of this vulnerability is VDB-224308.

Publication date: Wed, 29 Mar 2023 15:15:00 +0000


Cyber News related to CVE-2023-1689

Vulnerability Summary for the Week of November 27, 2023 - PrimaryVendor - Product apple - multiple products Description A memory corruption vulnerability was addressed with improved locking. Published 2023-12-01 CVSS Score not yet calculated Source & Patch Info CVE-2023-48842 PrimaryVendor - Product dell - ...
6 months ago Cisa.gov
CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
3 weeks ago Tenable.com
Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server - Sig 11,887 p4api vs2017 static openssl3 p4api-2023.1.2468153-vs2017 static. Sig 11,847 p4api vs2017 static p4api-2023.1.2468153-vs2017 static. Sig 10,187 p4api vs2017 static vsdebug openssl3 p4api-2023.1.2468153-vs2017 static vsdebug. Sig 10,147 ...
6 months ago Microsoft.com
CVE-2023-1689 - A vulnerability classified as problematic was found in SourceCodester Earnings and Expense Tracker App 1.0. This vulnerability affects unknown code of the file Master.php?asave_earning. The manipulation of the argument name leads to cross site ...
1 year ago
Threat landscape for industrial automation systems. H2 2023 - In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased by 2.1 pp to 31.9%. Percentage of ICS computers on which malicious objects were blocked, by half year. In H2 2023, building automation once ...
3 months ago Securelist.com
CVE-2010-1689 - The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server 2003 ...
4 years ago
CVE-2015-1689 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
5 years ago
CVE-2015-1705 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
5 years ago
CVE-2012-2750 - Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a "Security Fix", aka Bug #59533. NOTE: this might be a duplicate of CVE-2012-1689, but as of 20120816, Oracle has not commented on this ...
2 years ago
CVE-2002-1689 - Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow. ...
15 years ago
CVE-2009-1689 - Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving submission ...
13 years ago
CVE-2020-1689 - On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in a Virtual Chassis configuration, receipt of a stream of specific layer 2 frames can cause high CPU load, which could lead to traffic interruption. This issue does not ...
2 years ago
CVE-2004-1689 - sudoedit (aka sudo -e) in sudo 1.6.8 opens a temporary file with root privileges, which allows local users to read arbitrary files via a symlink attack on the temporary file before quitting sudoedit. ...
6 years ago
CVE-2008-1689 - Stack consumption vulnerability in WebContainer.exe 1.0.0.336 and earlier in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service (daemon crash) via a long request header in an HTTP request to TCP port 801. NOTE: some ...
6 years ago
CVE-2011-1689 - Multiple cross-site scripting (XSS) vulnerabilities in Best Practical Solutions RT 2.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
6 years ago
CVE-2017-1689 - IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure ...
6 years ago
CVE-2007-1689 - Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (2) Set functions. ...
5 years ago
CVE-2006-1689 - Unspecified vulnerability in su in HP HP-UX B.11.11, when using the LDAP netgroup feature, allows local users to gain unspecified access. HP-UX B.11.11: ...
5 years ago
CVE-2016-1689 - Heap-based buffer overflow in content/renderer/media/canvas_capture_handler.cc in Google Chrome before 51.0.2704.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site. ...
5 years ago
CVE-2013-1689 - Mozilla Firefox 20.0a1 and earlier allows remote attackers to cause a denial of service (crash), related to event handling with frames. ...
4 years ago
CVE-2005-1689 - Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions. ...
4 years ago
CVE-2021-1689 - Windows Multipoint Management Elevation of Privilege Vulnerability ...
3 years ago
CVE-2022-1689 - The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the Update parameter before using it in a SQL statement when updating a note via the admin dashboard, leading to an SQL injection ...
2 years ago
CVE-2012-1689 - Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer. ...
1 year ago
CVE-2019-1689 - A vulnerability in the client application for iOS of Cisco Webex Teams could allow an authenticated, remote attacker to upload arbitrary files within the scope of the iOS application. The vulnerability is due to improper input validation in the ...
1 year ago
