CVE-2023-37470 Metabase vulnerable to remote code execution via POST /api/setup/validate API endpoint
Metabase is an open-source business intelligence and analytics platform. Prior to versions 0.43.7.3, 0.44.7.3, 0.45.4.3, 0.46.6.4, 1.43.7.3, 1.44.7.3, 1.45.4.3, and 1.46.6.4, a vulnerability could potentially allow remote code execution on one's Metabase server. The core issue is that one of the...
PT-2023-26792 · Bmc · Bmc Control-M
Name of the Vulnerable Software and Affected Versions: BMC Control-M versions prior to 9.0.21; BMC Control-M version 9.0.20.200. Description: The issue allows SQL injection via the "/RF-Server/report/deleteReport" API endpoint, specifically through the report-id parameter. Recommendations: For BMC...
PT-2023-24376 · Guanzhou Tozed Kangwei Intelligent Technology · Zlts10G
Name of the Vulnerable Software and Affected Versions: Guanzhou Tozed Kangwei Intelligent Technology ZLTS10G version S10G 3.11.6. Description: A Cross-Site Request Forgery (CSRF) issue allows attackers to take over user accounts by sending a crafted POST request to the "/goform/goform set cmd process...
PT-2023-24965 · Ruijie Networks · Rg-Nbs +6
Name of the Vulnerable Software and Affected Versions: Ruijie Networks RG-EW series home routers and repeaters, version EW 3.01B11P204; Ruijie Networks RG-NBS and RG-S1930 series switches, version SWITCH 3.01B11P218; Ruijie Networks RG-EG series business VPN routers, version EG 3.01B11P216; Ruijie...
PT-2023-25028 · Dedecms · Dedecms
Name of the Vulnerable Software and Affected Versions: DedeCMS versions through 5.7.109. Description: The issue allows remote attackers to run arbitrary code via a crafted POST request to the "/dede/tpl.php" API endpoint. This enables attackers to execute arbitrary code on the affected system...
Major Security Flaw Discovered in Metabase BI Software – Urgent Update Required
Users of Metabase, a popular business intelligence and data visualization software package, are being advised to update to the latest version following the discovery of an "extremely severe" flaw that could result in pre-authenticated remote code execution on affected installations. Tracked as...
PT-2023-25813 · Unknown · Diafan Cms
Name of the Vulnerable Software and Affected Versions: Diafan CMS version 6.0. Description: The issue is related to a reflected cross-site scripting vulnerability. It occurs via the cat id parameter at the "/shop/?module=shop&action=search" API endpoint. Recommendations: For Diafan CMS version 6.0...
PT-2023-26533 · Unknown · Office Suite Premium
Name of the Vulnerable Software and Affected Versions: Office Suite Premium version v10.9.1.42602. Description: A reflected cross-site scripting (XSS) issue was found in Office Suite Premium via the filter parameter at the "/api?path=files" API endpoint. This allows for potential malicious script...
PT-2023-26107 · Geeklog · Geeklog
Name of the Vulnerable Software and Affected Versions: Geeklog version 2.2.2. Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Rule and Route parameters of the "/admin/router.php" API endpoint. This enables the execution of...
Security Bulletin: Multiple operator framework security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak
Summary: symlink is used by IBM Robotic Process Automation for Cloud Pak as part of the operator framework (CVE-2015-3627). Distribution is used by IBM Robotic Process Automation as part of the operator framework (CVE-2023-2253). Vulnerability Details: CVEID: CVE-2015-3627 DESCRIPTION: A symlink...
LMS by Masteriyo < 1.6.8 - Information Exposure
The plugin does not properly safeguard sensitive user information, such as other users' email addresses, making it possible for any student to leak them via some of the plugin's REST API endpoints. PoC: curl -i -s -k -X $'GET' \ -H $'Host: localhost:8000' -H $'sec-ch-ua: ' -H $'Accept:...
PT-2023-25060 · H3C · H3C Magic
Name of the Vulnerable Software and Affected Versions: H3C Magic B1STV100R012, affected versions not specified. Description: A stack overflow in the EditWlanMacList function allows attackers to cause a Denial of Service (DoS) via a crafted POST request to the API endpoint. The issue is related to the...
PT-2023-25059 · H3C · H3C Magic
Name of the Vulnerable Software and Affected Versions: H3C Magic B1STV100R012, version B1STV100R012. Description: A stack overflow in the EditMacList function allows attackers to cause a Denial of Service (DoS) via a crafted POST request to the affected API endpoint. Recommendations: For H3C Magic...
PT-2023-25065 · H3C · H3C Magic
Name of the Vulnerable Software and Affected Versions: H3C Magic B1STV100R012, affected versions not specified. Description: A stack overflow in the UpdateMacClone function allows attackers to cause a Denial of Service (DoS) via a crafted POST request to an unspecified API endpoint. Recommendations: ...
PT-2023-25062 · H3C · H3C Magic
Name of the Vulnerable Software and Affected Versions: H3C Magic version B1STV100R012. Description: A stack overflow in the UpdateWanParams function allows attackers to cause a Denial of Service (DoS) via a crafted POST request to an unspecified API endpoint. Recommendations: For version B1STV100R01...
CVE-2023-2744
The ERP WordPress plugin before 1.12.4 does not properly sanitise and escape the type parameter in the erp/v1/accounting/v1/people REST API endpoint before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
PT-2023-11501 · Jymusic · Jymusic
Name of the Vulnerable Software and Affected Versions: Jymusic version 2.0.0. Description: A cross-site request forgery (CSRF) issue allows attackers to execute arbitrary code via the "/admin.php?s=/addons/config.html&id=6" API endpoint to modify payment information. This can be achieved by exploiti...
DoS via Document Comments
Description: An attacker can abuse the document comment functionality, handled by the /api/comments.create API endpoint, since there is no size check or validation of the comment contents, which allows an attacker to send a comment with an almost unlimited number of characters (1MB max POST size...
PT-2023-22484 · Laravel-S · Laravel-S
Name of the Vulnerable Software and Affected Versions: laravel-s versions prior to 3.7.36. Description: The issue is related to Local File Inclusion, which can be exploited via the /src/Illuminate/Laravel.php API endpoint. Recommendations: For versions prior to 3.7.36, update to version 3.7.36 or...
PT-2023-36196 · Salt · Salt
Name of the Vulnerable Software and Affected Versions: salt versions prior to 3006.0. Description: The issue is related to several problems in the salt software, including collections Mapping issues, conflicts with dependencies, and failures due to the unavailability of the transactional update...