eBankIT 6 Arbitrary OTP Generation
CVE-2023-33291 Description In eBankIT 6, the public endpoints /public/token/Email/generate and /public/token/SMS/generate allow generation of OTP messages to any email address or phone number without validation. ------------------------------------------ Additional Information The cookies in the...
GHSA-HQXW-F8MX-CPMW distribution catalog API endpoint can lead to OOM via malicious user input
Impact Systems running a distribution build after a specific commit in memory-restricted environments can suffer denial of service from a crafted, malicious /v2/catalog API endpoint request. Patches Upgrade to at least 2.8.2-beta.1 if you are running a v2.8.x release. If you use the code...
Information disclosure
An issue was discovered on GL.iNet devices before 3.216. An API endpoint reveals information about the Wi-Fi configuration, including the SSID and key...
CVE-2023-31478
An issue was discovered on GL.iNet devices before 3.216. An API endpoint reveals information about the Wi-Fi configuration, including the SSID and key...
PT-2023-23357 · Gl.Inet · Gl.Inet
Name of the Vulnerable Software and Affected Versions: GL.iNet devices versions prior to 3.216 Description: An issue was discovered that reveals information about the Wi-Fi configuration, including the SSID and key, through an API endpoint. Recommendations: For versions prior to 3.216, update to...
CVE-2023-22813 Device API endpoint missing access controls on Western Digital Mobile and Web Apps
A device API endpoint was missing access controls on Western Digital My Cloud OS 5 iOS and Android Mobile Apps, My Cloud Home iOS and Android Mobile Apps, SanDisk ibi iOS and Android Mobile Apps, My Cloud OS 5 Web App, My Cloud Home Web App and the SanDisk ibi Web App. Due to a permissive CORS...
HollerBox < 2.1.4 - Admin+ SQL Injection
The plugin concatenates user input into an SQL query without escaping it first in the plugin's report API endpoint, which could allow administrators in multi-site configurations to leak sensitive information from the site's database. PoC 1. Log in as admin 2. Make sure HollerBox is installed and...
Stored XSS and CSP Bypass in KiwiTCMS
Description Stored XSS, also known as persistent XSS, is the more damaging type of XSS. It occurs when a malicious script is injected directly into a vulnerable web application. Due to a sanitization problem it is possible to perform a Stored XSS. The problem is that the upload function permit...
GHSA-JWG4-QCGV-5WG6 SQL Injection in Admin Translations API
Impact SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. It generally allows an attacker to view data that they are not normally able to retrieve. This might include data belonging to other users, or any...
GHSA-XMG8-W465-MR56 SQL Injection in Translation Export API
Impact SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. It generally allows an attacker to view data that they are not normally able to retrieve. This might include data belonging to other users, or any...
GHSA-6MHM-GCPF-5GR8 SQL Injection in Admin Search Find API
Impact SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. It generally allows an attacker to view data that they are not normally able to retrieve. This might include data belonging to other users, or any...
CVE-2023-30852 Pimcore Arbitrary File Read in Admin JS CSS files
Pimcore is an open source data and experience management platform. Prior to version 10.5.21, the /admin/misc/script-proxy API endpoint that is accessible by an authenticated administrator user is vulnerable to arbitrary JavaScript and CSS file read via the scriptPath and scripts parameters. The...
CVE-2022-45456
Denial of service due to an unauthenticated API endpoint. The following products are affected: Acronis Agent Windows, macOS, Linux before build 30161...
PT-2023-22591 · Ourphp · Ourphp
Name of the Vulnerable Software and Affected Versions: OURPHP versions 7.2.0 and earlier Description: The issue is related to Cross-Site Scripting (XSS) and can be exploited via the "/client/manage/ourphp out.php" API endpoint. Recommendations: For OURPHP versions 7.2.0 and earlier, at the moment,...
CVE-2023-29443
Summary of CVE-2023-29443 from connected sources: Multiple ManageEngine products (ServiceDesk Plus, ServiceDesk Plus MSP, SupportCenter Plus, AssetExplorer) are affected by an XML External Entity (XXE) vulnerability. A privileged SDAdmin can configure a malicious server to return malformed XML vi...
PT-2023-13899 · Unknown · Pingfederate
Name of the Vulnerable Software and Affected Versions: PingFederate, affected versions not specified Description: The issue concerns a Cross-Site Request Forgery (CSRF) vulnerability. It affects the "/pf/idprofile.ping" API endpoint, which is vulnerable to crafted GET requests. Recommendations: At t...