How severe is CVE-2023-33518?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2023-33518?

This is classified as CWE-668, which is a common weakness in software security.

CVE-2023-33518

MEDIUM Year: 2023

CVSS v3 Score

5.3

Medium

Weakness Type

CWE-668

View all →

Vulnerability Description

emoncms v11 and later was discovered to contain an information disclosure vulnerability which allows attackers to obtain the web directory path and other information leaked by the server via a crafted web request.

CVE-2016-11006

MEDIUM

CVSS:5.3(Medium)

The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control for admin_init settings changes.

CWE-6682016

CVE-2016-11007

MEDIUM

CVSS:5.3(Medium)

The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_user_id for invoice retrieval.

CWE-6682016

CVE-2016-11008

MEDIUM

CVSS:5.3(Medium)

The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_paypal payer metadata updates.

CWE-6682016

CVE-2016-11009

MEDIUM

CVSS:5.3(Medium)

The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_interkassa payer metadata updates.

CWE-6682016

CVE-2016-11010

MEDIUM

CVSS:5.3(Medium)

The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_twocheckout payer metadata updates.

CWE-6682016

CVE-2016-5334

MEDIUM

CVSS:5.3(Medium)

VMware Identity Manager 2.x before 2.7.1 and vRealize Automation 7.x before 7.2.0 allow remote attackers to read /SAAS/WEB-INF and /SAAS/META-INF files via unspecified vectors.

CWE-6682016

CVE-2023-33518

Vulnerability Description

Related Vulnerabilities

CVE-2016-11006

CVE-2016-11007

CVE-2016-11008

CVE-2016-11009

CVE-2016-11010

CVE-2016-5334