Critical exposure
CVE-2023-39560 Ectouch SQL Injection
- CVSS 9.8
New critical Ectouch SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Three highest-priority changes — analyst brief, not a CVE dump.
Critical exposure
New critical Ectouch SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Themevolty Theme Volty Cms Blog SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Critical exposure
New critical Themevolty Theme Volty Video Tab SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
CISA KEV — confirmed in-the-wild exploitation.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
Nothing flagged in this category for this digest.
ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr['id'] parameter at \default\helpers\insert.php.
Theme Volty CMS Blog up to version v4.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /tvcmsblog/single.
theme volty tvcmsvideotab up to v4.0.0 was discovered to contain a SQL injection vulnerability via the component TvcmsVideoTabConfirmDele...
User enumeration is found in PHPJabbers Taxi Booking Script v2.0.
User enumeration is found in PHP Jabbers Car Rental Script v3.0.
User enumeration is found in PHPJabbers Event Booking Calendar v4.0.
User enumeration is found in in PHPJabbers Ticket Support Script v3.2.
User enumeration is found in in PHPJabbers Make an Offer Widget v1.0.
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin is vulnerable to Buffer Overflow via function sub_90998.
SmartNode SN200 (aka SN200) 3.21.2-23021 allows unauthenticated OS Command Injection.