Vulnerability Summary for the Week of January 8, 2024

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
abocms — abo.cms	SQL Injection vulnerability in ABO.CMS v.5.9.3, allows remote attackers to execute arbitrary code via the d parameter in the Documents module.	2024-01-06	9.8	CVE-2023-46953 cve@mitre.org
acme — ultra_mini_httpd	A vulnerability was found in ACME Ultra Mini HTTPd 1.21. It has been classified as problematic. This affects an unknown part of the component HTTP GET Request Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-249819.	2024-01-07	7.5	CVE-2024-0263 cna@vuldb.com cna@vuldb.com This article has been indexed from Bulletins Read the original article: Vulnerability Summary for the Week of January 8, 2024 Related Tags: Bulletins EN Post navigation ← IT Security News Daily Summary 2024-01-17 Apple, AMD, Qualcomm GPU security hole lets miscreants snoop on AI training and chats → Search for: Social Social Media Daily summary Weekly summary Privacy Policy Legal & Contact Contact Apps Advertising Daily Summary Enter your email address: GDPR compliance Categories Categories Log in Copyright © 2025 IT Security News. All Rights Reserved. The Magazine Basic Theme by bavotasan.com.