11 matches found

Vulnrichment
added 2024/05/15 4:42 p.m.

CVE-2024-34082 Grav Arbitrary File Read to Account Takeover

Grav is a file-based Web platform. Prior to version 1.7.46, a low privilege user account with page edit privilege can read any server files using Twig Syntax. This includes Grav user account files - /grav/user/accounts/.yaml. This file stores hashed user password, 2FA secret, and the password res...

CVSS 8.5, AI score 7, EPSS 0.00276
Exploits: 1, References: 2
CNVD
added 2022/09/28 12:00 a.m.

Rocket.Chat SQL Injection Vulnerability

Rocket.Chat, an open source team chat software, is vulnerable to SQL injection, which stems from the application's lack of validation of externally entered SQL statements. An attacker could exploit the vulnerability to retrieve a reset password token via 2fa secret or 2fa secret...

CVSS 8.8, AI score 2.8, EPSS 0.0053
Exploits: 1, References: 1
NVD
added 2022/09/23 7:15 p.m.

CVE-2022-32211

A SQL injection vulnerability exists in Rocket.Chat v3.18.6, v4.4.4 and v4.7.3 which can allow an attacker to retrieve a reset password token through or a 2fa secret...

CVSS 8.8, EPSS 0.0053
Exploits: 1, References: 1
OSV
added 2022/09/23 7:15 p.m.

CVE-2022-32211

A SQL injection vulnerability exists in Rocket.Chat v3.18.6, v4.4.4 and v4.7.3 which can allow an attacker to retrieve a reset password token through or a 2fa secret...

CVSS 8.8, AI score 8
Exploits: 0, References: 1
Prion
added 2022/09/23 7:15 p.m.

SQL injection

A SQL injection vulnerability exists in Rocket.Chat v3.18.6, v4.4.4 and v4.7.3 which can allow an attacker to retrieve a reset password token through or a 2fa secret...

CVSS 6.5, AI score 9, EPSS 0.0053
Exploits: 1, References: 1, Affected Software: 1
Cvelist
added 2022/09/23 6:28 p.m.

CVE-2022-32211

A SQL injection vulnerability exists in Rocket.Chat v3.18.6, v4.4.4 and v4.7.3 which can allow an attacker to retrieve a reset password token through or a 2fa secret...

AI score 9.3, EPSS 0.0053
Exploits: 1, References: 1
Tenable Nessus
added 2021/03/11 12:00 a.m.

Joomla 1.6.x < 3.9.25 Multiple Vulnerabilities (5834-joomla-3-9-25)

According to its self-reported version, the instance of Joomla! running on the remote web server is 1.6.x prior to 3.9.25. It is, therefore, affected by multiple vulnerabilities. - An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of the insecure rand function within the process of...

CVSS 9.1, AI score 6.5, EPSS 0.58603
Exploits: 2, References: 11
NVD
added 2021/02/23 7:15 p.m.

CVE-2021-26593

In Directus 8.x through 8.8.1, an attacker can see all users in the CMS using the API /users/id. For each call, they get in response a lot of information about the user such as email address, first name, and last name but also the secret for 2FA if one exists. This secret can be regenerated. NOTE...

CVSS 7.5, EPSS 0.00316
Exploits: 1, References: 1
Prion
added 2021/02/23 7:15 p.m.

Design/Logic Flaw

UNSUPPORTED WHEN ASSIGNED In Directus 8.x through 8.8.1, an attacker can see all users in the CMS using the API /users/id. For each call, they get in response a lot of information about the user such as email address, first name, and last name but also the secret for 2FA if one exists. This secre...

CVSS 5, AI score 7.4, EPSS 0.00316
Exploits: 1, References: 1, Affected Software: 1
Cvelist
added 2021/02/23 6:57 p.m.

CVE-2021-26593

In Directus 8.x through 8.8.1, an attacker can see all users in the CMS using the API /users/id. For each call, they get in response a lot of information about the user such as email address, first name, and last name but also the secret for 2FA if one exists. This secret can be regenerated. NOTE...

AI score 7.6, EPSS 0.00316
Exploits: 1, References: 1
Joomla! Vulnerable Extensions List
added 2021/01/12 12:00 a.m.

[20210301] - Core - Insecure randomness within 2FA secret generation

Usage of the insecure rand function within the process of generating the 2FA secret. Usage of an insufficient length for the 2FA secret according to RFC 4226 of 10 bytes vs 20 bytes...

AI score 7.1
Exploits: 0, Affected Software: 1
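The two Joomla entries above (the Nessus plugin and the core advisory) describe the same pair of defects in 2FA secret generation: a non-cryptographic rand() as the entropy source, and a 10-byte secret where RFC 4226 requires at least 16 bytes and recommends 20. The following is an added example written for this page, not Joomla's code or Tenable's plugin. It implements HOTP as RFC 4226 specifies, shows a weak generator of the kind the advisory describes (Python's Mersenne Twister seeded with a guessable timestamp stands in for PHP's rand(); the enrollment timestamp and the attacker's seed window are constructed values), puts the hardened generator beside it, and shows the attacker's side: enumerate the seed window until a candidate secret reproduces two observed codes.

```python
import base64
import hashlib
import hmac
import random
import secrets
import struct

# RFC 4226, section 4, requirement R6: the shared secret MUST be at least
# 128 bits (16 bytes); 160 bits (20 bytes) is RECOMMENDED.
RFC4226_MIN_SECRET_BYTES = 16
RFC4226_RECOMMENDED_SECRET_BYTES = 20


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then
    dynamic truncation to a 31-bit integer reduced mod 10^digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def weak_secret(seed: int, length: int = 10) -> bytes:
    """The pattern the advisory describes, deliberately insecure: a
    non-cryptographic PRNG (Mersenne Twister standing in for PHP's rand())
    seeded with a value an attacker can guess, yielding a 10-byte secret."""
    rng = random.Random(seed)
    return bytes(rng.randrange(256) for _ in range(length))


def strong_secret(length: int = RFC4226_RECOMMENDED_SECRET_BYTES) -> bytes:
    """Hardened form: OS CSPRNG, 20 bytes as RFC 4226 recommends."""
    if length < RFC4226_MIN_SECRET_BYTES:
        raise ValueError("RFC 4226 R6 requires at least 16 bytes")
    return secrets.token_bytes(length)


def base32_for_authenticator(secret: bytes) -> str:
    """Authenticator apps take the secret base32-encoded, padding stripped."""
    return base64.b32encode(secret).decode("ascii").rstrip("=")


def check_secret(secret: bytes) -> list[str]:
    """Enrollment-time sanity check. Length is the only property verifiable
    after the fact; generator quality has to be enforced at the call site."""
    problems = []
    if len(secret) < RFC4226_MIN_SECRET_BYTES:
        problems.append(f"secret is {len(secret)} bytes, below the RFC 4226 minimum of 16")
    elif len(secret) < RFC4226_RECOMMENDED_SECRET_BYTES:
        problems.append(f"secret is {len(secret)} bytes, below the recommended 20")
    if len(set(secret)) <= 1:
        problems.append("secret has no entropy (all bytes equal)")
    return problems


def recover_weak_secret(observed_codes, seed_lo, seed_hi):
    """Attacker side: knowing roughly when enrollment happened (the seed
    window) and having seen a couple of OTPs with their counters, enumerate
    seeds until one reproduces every observed code. Returns (seed, secret)
    or None. Two codes make an accidental match negligible (about 1e-12)."""
    for seed in range(seed_lo, seed_hi):
        candidate = weak_secret(seed)
        if all(hotp(candidate, counter) == code for counter, code in observed_codes):
            return seed, candidate
    return None


if __name__ == "__main__":
    # Constructed scenario: the secret was seeded from a Unix timestamp that
    # the attacker can bracket to within an hour either side.
    enrollment_ts = 1614556800
    victim_secret = weak_secret(enrollment_ts)
    observed = [(0, hotp(victim_secret, 0)), (1, hotp(victim_secret, 1))]
    print("weak secret problems:", check_secret(victim_secret))
    hit = recover_weak_secret(observed, enrollment_ts - 3600, enrollment_ts + 3600)
    print("attacker recovered the secret:", hit == (enrollment_ts, victim_secret))
    good = strong_secret()
    print("strong secret problems:", check_secret(good))
    print("enrol in authenticator as:", base32_for_authenticator(good))
```

The recovery loop is the practical consequence of the advisory's first point: with a guessable seed the secret's length is irrelevant, since the search is over seeds, not over the 2^80 space a 10-byte secret would otherwise give. The second point is what `check_secret` catches; a secret that is both CSPRNG-generated and 20 bytes long is what `strong_secret` returns.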