CVE-2023-31822
An issue found in Entetsu Store v.13.4.1 allows a remote attacker to gain access to sensitive information via the channel access token in th
CVSS
7.5
High
EPSS
0.6%
p47
KEV
—
Exploit Today
14
0-100
Published: Jul 13, 2023 · Last modified: Jul 9, 2026 · CWE-311
0.5%EPSS · 30 days0.6%
2026-06-302026-07-16
An issue found in Entetsu Store v.13.4.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp Entetsu Store function.
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-344867.5 HIG97.4%
——29Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor.
This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116.
Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the issue.2dCVE-2022-262817.5 HIG56.5%
——17BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue.8dCVE-2021-406506.5 MED50.0%
——15In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the secure flag set.8dCVE-2023-318257.5 HIG47.0%
——14An issue found in Inageya v.13.4.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp Inageya function.8dCVE-2023-318207.5 HIG47.0%
——14An issue found in Shizutetsu Store v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp function.8dCVE-2023-318197.5 HIG47.0%
——14An issue found in KEISEI STORE Co, Ltd. LIVRE KEISEI v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp function.8d