CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 1CVE-2023-36992
https://notcve.org/view.php?id=CVE-2023-36992
PHP injection in TravianZ 8.3.4 and 8.3.3 in the config editor in the admin page allows remote attackers to execute PHP code. • https://bramdoessecurity.com/travianz-hacked • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-36859 – PiiGAB M-Bus Code Injection
https://notcve.org/view.php?id=CVE-2023-36859
PiiGAB M-Bus SoftwarePack 900S does not correctly sanitize user input, which could allow an attacker to inject arbitrary commands. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-187-01 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 1CVE-2023-24497
https://notcve.org/view.php?id=CVE-2023-24497
A specially-crafted HTTP request can lead to arbitrary Javascript code injection. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1704 • CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 1CVE-2023-24496
https://notcve.org/view.php?id=CVE-2023-24496
A specially-crafted HTTP request can lead to arbitrary Javascript code injection. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1704 • CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 1CVE-2023-25124
https://notcve.org/view.php?id=CVE-2023-25124
A specially crafted HTTP request can lead to arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •