Home
» Risk & Exploitation
» Daily threat intelligence
» May 23, 2023
May 23, 2023 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
Squarepiginteractive Fusioninvoice: public exploit or PoC linked (cross-site scripting)
10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Active exploit activity
CVE-2022-41544
Get-simple Getsimple Cms RCE
Public exploit or PoC available
Exploit activity linked
Remote code execution exposure
Get-simple Getsimple Cms RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Active exploit activity
CVE-2023-1934
Sdg Pnpscada SQL Injection
Public exploit or PoC available
Exploit activity linked
Sdg Pnpscada SQL Injection now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Critical exposure
CVE-2023-1508
Adampos Mobilmen El Terminali Yazilimi SQL Injection
New critical Adampos Mobilmen El Terminali Yazilimi SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
View KEV additions
Exploit & PoC activity
Gin 0.7.4 allows execution of arbitrary code when a crafted file is opened, e.g., via require('child_process').
Yank Note (YN) 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire('child_process').
Stored Cross Site Scripting (XSS) vulnerability in Square Pig FusionInvoice 2023-1.0, allows attackers to execute arbitrary code via the...
Insecure permissions in MobileTrans v4.0.11 allows attackers to escalate privileges to local admin via replacing the executable file.
Stored Cross Site Scripting (XSS) vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary co...
Bludit v3.14.1 is vulnerable to Stored Cross Site Scripting (XSS) via SVG file on site logo.
ChurchCRM v4.5.4 is vulnerable to Reflected Cross-Site Scripting (XSS) via image file.
SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire databa...
Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacke...
The PnPSCADA system, a product of SDG Technologies CC, is afflicted by a critical unauthenticated error-based PostgreSQL Injection vulner...
An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration console without valid credentials.
Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back...
View new exploit links
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adam Retail Automation Systems Mobi...
The `Toybox.Graphics.BufferedBitmap.initialize` API method in CIQ API version 2.3.0 through 4.1.7 does not validate its parameters, which...
The `Toybox.Cryptography.Cipher.initialize` API method in CIQ API version 3.0.0 through 4.1.7 does not validate its parameters, which can...
The `news` MonkeyC operation code in CIQ API version 1.0.0 through 4.1.7 fails to check that string resources are not extending past the...
The `Toybox.GenericChannel.setDeviceConfig` API method in CIQ API version 1.2.0 through 4.1.7 does not validate its parameter, which can...
The `Toybox.Ant.GenericChannel.enableEncryption` API method in CIQ API version 3.2.0 through 4.1.7 does not validate its parameter, which...
The GarminOS TVM component in CIQ API version 2.1.0 through 4.1.7 allows applications with a specially crafted head section to use the `T...
The GarminOS TVM component in CIQ API version 1.0.0 through 4.1.7 is vulnerable to various buffer overflows when loading binary resources.
The `Toybox.Ant.BurstPayload.add` API method in CIQ API version 2.2.0 through 4.1.7 suffers from a type confusion vulnreability, which ca...
SourceCodester Employee and Visitor Gate Pass Logging System v1.0 is vulnerable to SQL Injection via /employee_gatepass/classes/Login.php.
View critical disclosures
cvelogic
Threat Intelligence