Oct 9, 2023 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Davidlingren Media Library Assistant: public exploit or PoC linked (RCE)
  • 5 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2020-11060 In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality.

  • Public exploit or PoC available
  • Exploit activity linked

Glpi-project Glpi CSRF now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2023-32707 Splunk privilege escalation

  • Public exploit or PoC available
  • Exploit activity linked
  • Potential privilege escalation to admin/root

Splunk privilege escalation now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2023-43899 Hansuncms Project Hansuncms SQL Injection

  • CVSS 9.8

New critical Hansuncms Project Hansuncms SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2023-4278 Exploit

The MasterStudy LMS WordPress Plugin WordPress plugin before 3.0.18 does not have proper checks in place during registration allowing any...

CVE-2023-4634 Exploit

The Media Library Assistant plugin for WordPress is vulnerable to Local File Inclusion and Remote Code Execution in versions up to, and i...

CVE-2023-39362 Exploit

Cacti is an open source operational monitoring and fault management framework.

CVE-2023-4708 Exploit

A vulnerability was found in Infosoftbd Clcknshop 1.0.0.

CVE-2023-38836 Exploit

File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME typ...

CVE-2023-32707 Exploit

In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-privileged...

CVE-2022-35919 Exploit

MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0.

CVE-2020-11060 Exploit

In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2023-43271 CVSS 9.1

Incorrect access control in 70mai a500s v1.2.119 allows attackers to directly access and delete the video files of the driving recorder t...

CVE-2023-43899 CVSS 9.8

hansun CMS v1.0 was discovered to contain a SQL injection vulnerability via the component /ajax/ajax_login.ashx.

CVE-2023-44393 CVSS 9.3

Piwigo is an open source photo gallery application.

CVE-2023-44467 CVSS 9.8

langchain_experimental (aka LangChain Experimental) in LangChain before 0.0.306 allows an attacker to bypass the CVE-2023-36258 fix and e...

CVE-2023-5365 CVSS 9.8

HP LIFE Android Mobile application is potentially vulnerable to escalation of privilege and/or information disclosure.

View critical disclosures

cvelogic Threat Intelligence