CVE-2023-27266

Mattermost vulnerability CVE-2023-27266 arises from the API response construction for /api/v4/users/me/teams not honoring ShowEmailAddress. This allows a user with team admin privileges to learn the team owner's email address from the response. Affected software: Mattermost (web/API level). Root ...

CVE-2023-27265

CVE-2023-27265 affects Mattermost. The issue arises when regenerating Invite IDs: the system fails to honor the ShowEmailAddress setting, causing the team owner’s email address to be returned in the API response. This leakage is exposed to an attacker with team admin privileges who can trigger th...

PT-2023-21043 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost affected versions not specified Description: A missing permissions check in Mattermost Playbooks allows an attacker to modify a playbook via the "/plugins/playbooks/api/v0/playbooks/playbookID" API endpoint, using the playbookID...

PT-2023-21045 · Unknown · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost affected versions not specified Description: The issue concerns the /api/v4/users/me/teams API endpoint, where Mattermost fails to honor the ShowEmailAddress setting. This allows an attacker with team admin privileges to obtain the...

PT-2023-18891 · Korenix · Korenix Jetwave 3200 Series +1

Name of the Vulnerable Software and Affected Versions: Korenix JetWave 4200 Series version 1.3.0 Korenix JetWave 3200 Series version 1.6.0 Description: The issue is related to a Denial of Service vulnerability. It can be exploited via the "/goform/formDefault" API endpoint. Recommendations: For...

CVE-2023-24812 SQL injection of notes/search-by-tag

Misskey is an open source, decentralized social media platform. In versions prior to 13.3.3 SQL injection is possible due to insufficient parameter validation in the note search API by tag notes/search-by-tag. This has been fixed in version 13.3.3. Users are advised to upgrade. Users unable to...

PT-2023-20915 · Tenda · Tenda Ax3

Name of the Vulnerable Software and Affected Versions: Tenda AX3 version 16.03.12.11 Description: The issue is related to a Buffer Overflow that can be triggered via the "/goform/SetFirewallCfg" API endpoint. This allows for potential exploitation. Recommendations: For Tenda AX3 version...

CVE-2022-24990

TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative password by sending "User-Agent: TNAS" to module/api.php?mobile/webNasIPS and then reading the PWD field in the response...

Exploit for Argument Injection in Atlassian Bitbucket

Atlassian-Bitbucket-Server-CVE-2022-36804 A critical command...

FreeBSD : Spotipy -- Path traversal vulnerability (c3fb48cc-a2ff-11ed-8fbc-6cf0490a8c18)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c3fb48cc-a2ff-11ed-8fbc-6cf0490a8c18 advisory. - Spotipy is a light weight Python library for the Spotify Web API. In versions prior to 2.22.1, if a...

CVE-2023-23608 spotipy Path traversal vulnerability that may lead to type confusion in URI handling code

Spotipy is a light weight Python library for the Spotify Web API. In versions prior to 2.22.1, if a malicious URI is passed to the library, the library can be tricked into performing an operation on a different API endpoint than intended. The code Spotipy uses to parse URIs and URLs allows an...

CVE-2023-23608

Spotipy (Python library for Spotify Web API) versions prior to 2.22.1 are affected by a path-traversal issue in URI handling. The library’s URI/URL parsing can insert arbitrary characters into the API-request path (e.g., ".."), allowing requests to be redirected from one endpoint to another (such...

Path traversal in spotipy

Summary If a malicious URI is passed to the library, the library can be tricked into performing an operation on a different API endpoint than intended. Details The code Spotipy uses to parse URIs and URLs accepts user data too liberally which allows a malicious user to insert arbitrary characters...

Spotipy -- Path traversal vulnerability

Stéphane Bruckert If a malicious URI is passed to the library, the library can be tricked into performing an operation on a different API endpoint than intended...

CVE-2022-3841

RHACM: unauthenticated SSRF in console API endpoint. A Server-Side Request Forgery SSRF vulnerability was found in the console API endpoint from Red Hat Advanced Cluster Management for Kubernetes RHACM. An attacker could take advantage of this as the console API endpoint is missing an...

PT-2023-15109 · Unknown · Helmet Store Showroom Site

Name of the Vulnerable Software and Affected Versions: Helmet Store Showroom Site version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/classes/Master.php?f=delete category" API endpoint. Recommendations:...

PT-2023-15114 · Unknown · Dynamic Transaction Queuing System

Name of the Vulnerable Software and Affected Versions: Dynamic Transaction Queuing System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/admin/ajax.php?action=save window" API endpoint...

CVE-2022-3841

CVE-2022-3841 is an unauthenticated SSRF in the RHACM console API endpoint of Red Hat Advanced Cluster Management for Kubernetes. The vulnerability arises from a missing authentication check on the console API, enabling unauthenticated requests. CVSSv3.1 base score is 7.8 (High), with LOCAL attac...

PT-2022-28019 · Tenda · Tenda Ac15

Name of the Vulnerable Software and Affected Versions: Tenda A15 version 15.13.07.13 Description: A stack overflow issue was discovered in the security parameter at the "/goform/WifiBasicSet" API endpoint. Recommendations: For Tenda A15 version 15.13.07.13, consider restricting access to the...

PT-2022-23535 · Unknown · Password Manager For Iis

Name of the Vulnerable Software and Affected Versions: Password Manager for IIS version 2.0 Description: The issue is a cross-site scripting XSS vulnerability. It occurs via the "/isapi/PasswordManager.dll" API endpoint, specifically through the ResultURL parameter. This allows for potential...