PT-2024-3067

Name of the Vulnerable Software and Affected Versions: OpenMetadata versions prior to 1.2.4 Description: The issue is related to the AlertUtil::validateExpression method, which can lead to Remote Code Execution. An attacker can send a PUT request to "/api/v1/events/subscriptions" to exploit this...

BIT-MATTERMOST-2023-27265

Mattermost fails to honor the ShowEmailAddress setting when constructing a response to the "Regenerate Invite Id" API endpoint, allowing an attacker with team admin privileges to learn the team owner's email address in the response...

BIT-MATTERMOST-2023-27266

Mattermost fails to honor the ShowEmailAddress setting when constructing a response to the /api/v4/users/me/teams API endpoint, allowing an attacker with team admin privileges to learn the team owner's email address in the response...

CVE-2024-25723

ZenML Server in the ZenML machine learning package before 0.46.7 for Python allows remote privilege escalation because the /api/v1/users/usernameorid/activate REST API endpoint allows access on the basis of a valid username along with a new password in the request body. These are also patched...

CVE-2024-25723

CVE-2024-25723 affects ZenML Server in the ZenML Python package (prior to 0.46.7). The REST endpoint /api/v1/users/{user_name_or_id}/activate allows remote privilege escalation by authenticating with a valid username and a new password in the request body, enabling total compromise of the account...

Open redirect

An issue was discovered in LIVEBOX Collaboration vDesk through v031. A URL Redirection to an Untrusted Site Open Redirect can occur under the /api/v1/notification/createnotification endpoint, allowing an authenticated user to send an arbitrary push notification to any other user of the system. Th...

CVE-2022-45179

An issue was discovered in LIVEBOX Collaboration vDesk through v031. A basic XSS vulnerability exists under the /api/v1/vdeskintegration/todo/createorupdate endpoint via the title parameter and /dashboard/reminders. A remote user authenticated to the product can store arbitrary HTML code in the...

PT-2024-15696 · WordPress · Ppwp

Name of the Vulnerable Software and Affected Versions: PPWP – Password Protect Pages plugin for WordPress versions up to, and including, 1.8.9 Description: The issue allows unauthenticated attackers to obtain sensitive information, including post titles, IDs, slugs, and other data for...

Cross Site Scripting (XSS)

github.com/rancher/norman is vulnerable to Cross Site Scripting XSS . The vulnerability is due to a lack of URL validation within the ParseRequestURL method. An attacker can execute arbitrary JavaScript by sending a crafted payload to a public API endpoint, resulting in XSS...

CVE-2024-24771 Open Forms potential multi-factor authentication bypass

Open Forms allows users create and publish smart forms. Versions prior to 2.2.9, 2.3.7, 2.4.5, and 2.5.2 contain a non-exploitable multi-factor authentication weakness. Superusers who have their credentials username + password compromised could potentially have the second-factor authentication...

PT-2024-20239 · Unknown · Novel-Plus

Name of the Vulnerable Software and Affected Versions: Novel-Plus versions 4.3.0-RC1 and prior Description: A SQL injection issue exists, allowing an attacker to pass specially crafted offset, limit, and sort parameters to perform SQL injection via the "/novel/userFeedback/list" API endpoint...

CVE-2024-0869

The Instant Images – One Click Image Uploads from Unsplash, Openverse, Pixabay and Pexels plugin for WordPress is vulnerable to unauthorized arbitrary options update due to an insufficient check that neglects to verify whether the updated option belongs to the plugin on the instant-images/license...

GHSA-XW73-RW38-6VJC Classic builder cache poisoning

The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions most important being HEALTHCHECK and ONBUILD would not cause a cache miss. An attacker with the knowledge of the Dockerfile someone is using could poison their cache...

PT-2024-4534 · Unknown · Zenml Server

Name of the Vulnerable Software and Affected Versions: ZenML Server versions prior to 0.46.7 ZenML Server versions 0.44.4, 0.43.1, and 0.42.2 are patched and not vulnerable, so the actual vulnerable range is any version before 0.46.7, excluding the mentioned patched versions. However, since 0.44....

Cross-site Scripting Vulnerability on Data Import

Introduction This write-up describes a vulnerability found in Label Studio, a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to 1.10.1 and was tested on version 1.9.2.post0. Overview Label Studio had a remote import feature allowed users to...

PYSEC-2024-15

changedetection.io is an open source tool designed to monitor websites for content changes. In affected versions the API endpoint /api/v1/watch//history can be accessed by any unauthorized user. As a result any unauthorized user can check one's watch history. However, because unauthorized party...

CVE-2024-23329 changedetection.io API endpoint is not secured with API token

changedetection.io is an open source tool designed to monitor websites for content changes. In affected versions the API endpoint /api/v1/watch//history can be accessed by any unauthorized user. As a result any unauthorized user can check one's watch history. However, because unauthorized party...

CVE-2024-23329 changedetection.io API endpoint is not secured with API token

changedetection.io is an open source tool designed to monitor websites for content changes. In affected versions the API endpoint /api/v1/watch//history can be accessed by any unauthorized user. As a result any unauthorized user can check one's watch history. However, because unauthorized party...

PT-2024-19531 · Flycms · Flycms

Name of the Vulnerable Software and Affected Versions: FlyCms version 1.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. It can be exploited via the "/system/admin/update group save" API endpoint. Recommendations: For FlyCms version 1.0, as a temporary workaround,...

PT-2024-19576 · Flycms · Flycms

Name of the Vulnerable Software and Affected Versions: FlyCms version 1.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. It occurs via the "/system/site/filterKeyword save" API endpoint. This allows for potential unauthorized actions on the system. Recommendations: For...