Educ@box Security Vulnerabilities

What is Protobuf?

The Introduction: Decrypting Protocol Buffers When navigating through the intricate world of data encoding and decoding mechanisms, Protocol Buffers, or widely known as Protobuf, have carved their position as a dynamic contender. The brainchild of Google, this binary blueprint aims for advanced...

Exploit for Cross-site Scripting in Phpgurukul Hospital Management System

CVE-2023-7173: Stored Cross-Site Scripting (XSS) in Hospital...

Mobile malware analysis for the BBC

This is a version of our report referenced in the Helping a mobile malware fraud victim blog post, with all sensitive information removed. Summary One malicious application was identified on the device, and evidence identified during the examination strong suggests (though this cannot be confirmed....

CVE-2023-52262

outdoorbits little-backup-box (aka Little Backup Box) before f39f91c allows remote attackers to execute arbitrary code because the PHP extract function is used for untrusted...

CVE-2023-52262

outdoorbits little-backup-box (aka Little Backup Box) before f39f91c allows remote attackers to execute arbitrary code because the PHP extract function is used for untrusted...

CVE-2023-52262

outdoorbits little-backup-box (aka Little Backup Box) before f39f91c allows remote attackers to execute arbitrary code because the PHP extract function is used for untrusted...

Input validation

outdoorbits little-backup-box (aka Little Backup Box) before f39f91c allows remote attackers to execute arbitrary code because the PHP extract function is used for untrusted...

CVE-2023-52262

outdoorbits little-backup-box (aka Little Backup Box) before f39f91c allows remote attackers to execute arbitrary code because the PHP extract function is used for untrusted...

Imperva defends customers against recent vulnerabilities in Apache OFBiz

On December 26, researchers from SonicWall Capture Labs discovered an authentication bypass vulnerability in Apache OFBiz, tracked as CVE-2023-51467. This bug has a CVSS score of 9.8 and allows attackers to achieve server-side request forgery (SSRF) by bypassing the program’s authentication. This.....

AI and Lossy Bottlenecks

Artificial intelligence is poised to upend much of society, removing human limitations inherent in many systems. One such limitation is information and logistical bottlenecks in decision-making. Traditionally, people have been forced to reduce complex choices to a small handful of options that...

How to Build a Cybersecurity Culture in Your Company

Decoding the Essential Components of Cyber Safeguard Culture In today's era, marked by copious dependencies on digital technologies, strengthening defenses against digital security vulnerabilities has become more than just a choice, it's a critical necessity. Establishing a culture of cyber...

CVE-2023-51764

A flaw was found in some SMTP server configurations in Postfix. This flaw allows a remote attacker to break out email message data to "smuggle" SMTP commands and send spoofed emails that pass SPF checks. Out of the box, Postfix targets to accommodate older clients with faulty SMTP implementations.....

Exploit for OS Command Injection in Proscend M330-W Firmware

...

CVE-2023-51449

Gradio is an open-source Python package that allows you to quickly build a demo or web application for your machine learning model, API, or any arbitary Python function. Versions of gradio prior to 4.11.0 contained a vulnerability in the /file route which made them susceptible to file traversal...

Exploit for Incorrect Implementation of Authentication Algorithm in Microsoft

CVE 2023 29357 Informations Cible SharePoint...

GLSA-202312-06 : Exiv2: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202312-06 (Exiv2: Multiple Vulnerabilities) Exiv2 0.27.99.0 has a global buffer over-read in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmn_int.cpp which can result in an information leak. (CVE-2020-18771) An...

What’s New in Rapid7 Products & Services: 2023 Year in Review

Throughout 2023 Rapid7 has made investments across the Insight Platform to further our mission of providing security teams with the tools to proactively anticipate imminent risk, prevent breaches earlier, and respond faster to threats. In this blog you'll find a review of our top releases from...

Easy Forms for Mailchimp < 6.9.0 - Admin+ Stored Cross-Site Scripting

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is...

Easy Forms for Mailchimp < 6.9.0 - Admin+ Stored Cross-Site Scripting

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed PoC 1) Create a new opt-in form 2) Edit the form, and add a "First name" field. 3) Update...

Security Bulletin: Netcool Operations Insights 1.6.11 addresses multiple security vulnerabilities.

Summary Netcool Operations Insight v1.6.11 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details ** CVEID: CVE-2023-34453 DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a...

CVE-2023-32128

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adastra Crypto Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free.This issue affects Cryptocurrency Payment & Donation Box – Accept Payments in.....

CVE-2023-32128

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adastra Crypto Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free.This issue affects Cryptocurrency Payment & Donation Box – Accept Payments in.....

Sql injection

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adastra Crypto Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free.This issue affects Cryptocurrency Payment & Donation Box – Accept Payments in.....

CVE-2023-32128 WordPress Cryptocurrency Donation Box – Bitcoin & Crypto Donations Plugin <= 2.2.7 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adastra Crypto Cryptocurrency Payment & Donation Box – Accept Payments in any Cryptocurrency on your WP Site for Free.This issue affects Cryptocurrency Payment & Donation Box – Accept Payments in.....

CVE-2023-6562

JPX Fragment List (flst) box vulnerability in Kakadu 7.9 allows an attacker to exfiltrate local and remote files reachable by a server if the server allows the attacker to upload a specially-crafted the image that is displayed back to the...

CVE-2023-6562

JPX Fragment List (flst) box vulnerability in Kakadu 7.9 allows an attacker to exfiltrate local and remote files reachable by a server if the server allows the attacker to upload a specially-crafted the image that is displayed back to the...

Design/Logic Flaw

JPX Fragment List (flst) box vulnerability in Kakadu 7.9 allows an attacker to exfiltrate local and remote files reachable by a server if the server allows the attacker to upload a specially-crafted the image that is displayed back to the...

CVE-2023-6562

JPX Fragment List (flst) box vulnerability in Kakadu 7.9 allows an attacker to exfiltrate local and remote files reachable by a server if the server allows the attacker to upload a specially-crafted the image that is displayed back to the...

Security Bulletin: Multiple Vulnerabilities in CloudPak for AIOps

Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for AIOps version 4.3.0 Vulnerability Details ** CVEID: CVE-2022-28948 DESCRIPTION: **Go-Yaml is vulnerable to a denial of service, caused by a flaw in the Unmarshal function. By sending a specially-crafted input, a remote attacker...

Essential Real Estate < 4.4.0 - Subscriber+ Stored XSS

Description The plugin does not apply proper capability checks on its AJAX actions, which among other things, allow attackers with a subscriber account to conduct Stored XSS...

Essential Real Estate < 4.4.0 - Subscriber+ Stored XSS

Description The plugin does not apply proper capability checks on its AJAX actions, which among other things, allow attackers with a subscriber account to conduct Stored XSS attacks. PoC 1. Login with a subscriber account, and visit https://vulnerable-site.tld/wp-admin/profile.php?action=delete 2.....

NIST SP 800-53 Rev. 5 Updates: What You Need to Know About The Most Recent Patch Release (5.1.1)

On November 7th, the National Institute of Standards and Technology (NIST) issued an update to SP 800-53, a NIST-curated catalog of controls that organizations can implement to effectively manage security and privacy risk. In this blog we’ll cover the new and updated controls within patch release.....

CVE-2023-6572

Command Injection in GitHub repository gradio-app/gradio prior to...

Securing our home labs: Frigate code review

At GitHub Security Lab, we are continuously analyzing open source projects in line with our goal of keeping the software ecosystem safe. Whether by manual review, multi-repository variant analysis, or internal automation, we focus on high-profile projects we all depend on and rely on. Following on....

Are HTTP Content-Security-Policy (CSP) Headers Sufficient to Secure Your Client Side?

Modern web frameworks have shifted business logic from the server side to the client side (web browser), enhancing performance, flexibility, and user experience. However, this move introduces security and privacy concerns, as exposing sensitive logic and data can lead to vulnerabilities like code.....

Anveo Mobile User Enumeration / Missing Certificate Validation

...

Over 100 WordPress Repository Plugins Affected by Shortcode-based Stored Cross-Site Scripting

On August 14, 2023, the Wordfence Threat Intelligence team began a research project to find Stored Cross-Site Scripting (XSS) via Shortcode vulnerabilities in WordPress repository plugins. This type of vulnerability enables threat actors with contributor-level permissions or higher to inject...

Exploit for CVE-2022-21907

CVE-2022-21907 Vulnerability in HTTP Protocol Stack Enabling...

New Microsoft Purview features use AI to help secure and govern all your data

In the past few years, we have witnessed how digital and cloud transformation has accelerated the growth of data. With more and more customers moving to the cloud, and with the rise of hybrid work, data usage has moved beyond the traditional borders of business. Data is now stored in multiple...

New Microsoft Purview features use AI to help secure and govern all your data

In the past few years, we have witnessed how digital and cloud transformation has accelerated the growth of data. With more and more customers moving to the cloud, and with the rise of hybrid work, data usage has moved beyond the traditional borders of business. Data is now stored in multiple...

CVE-2023-39171

SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin...

CVE-2023-39171

SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin...

CVE-2023-39169

The affected devices use publicly available default credentials with administrative...

Command injection

SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin...

CVE-2023-39171 SENEC Storage Box V1,V2 and V3 accidentially expose a management interface

SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin...

CVE-2023-39167

In SENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive...

CVE-2023-39167

In SENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive...

CVE-2023-39172

The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated attacker to capture and modify network...

Code injection

In SENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker can obtain the devices' logfiles that contain sensitive...

CVE-2023-39169 SENEC: Storage Box V1,V2 and V3 using default credentials

The affected devices use publicly available default credentials with administrative...