2005 matches found
Moderators can perform a time-based SQL injection attack.
The API endpoint /api/chat/users/setenabled (POST) is vulnerable to time-based blind SQL injection via the body parameter 'userId'. It allows a Moderator to read, modify or delete entries in the SQLite database; in particular, a Moderator can leak the streamkey and use it to access the admin dashboard. Proof of concept...
PT-2022-25847 · Unknown · Online Pet Shop We App
Name of the Vulnerable Software and Affected Versions: Online Pet Shop We App version 1.0 Description: SQL injection via the id parameter of the "/admin/?page=orders/view order" API endpoint. Recommendations: For Online...
PT-2022-26319 · Unknown · Simple Cold Storage Management System
Name of the Vulnerable Software and Affected Versions: Simple Cold Storage Management System version 1.0 Description: SQL injection via the "/csms/admin/?page=user/manage user&id=" API endpoint; the id parameter is injectable. This could potentially lead to unauthoriz...
Bytebase allows low-privilege users to view admin projects
Overview: The "Bytebase" application does not restrict low-privilege users from accessing admin projects. Details: Because access to admin projects is not restricted, an unauthorized user can view the "projects" created by "Admin". The affected...
PT-2022-25221 · Unknown · Online Banking System
Name of the Vulnerable Software and Affected Versions: Online Banking System version 1.0 Description: SQL injection via the cust id parameter of the "/net-banking/send funds action.php" API endpoint. Recommendations: For...
PT-2022-25588 · Tenda · Tenda Ac15 +1
Name of the Vulnerable Software and Affected Versions: Tenda AC15 and AC18 routers, firmware version V15.03.05.19 Description: Stack overflow in the fromNatStaticSetting function when handling requests to the "/goform/NatStaticSetting" API endpoint. Recommendations: For Tenda AC15...
PT-2022-25389 · Zzcms · Zzcms
Name of the Vulnerable Software and Affected Versions: ZZCMS version 2022 Description: Full path disclosure in ZZCMS 2022, reachable via the "/admin/index.PHP? server" API endpoint. Recommendations: For ZZCMS version 2022, consider restricting access to th...
CVE-2022-41232
A cross-site request forgery (CSRF) vulnerability in Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers to replace any config.xml file on the Jenkins controller file system with an empty file by providing a crafted file name to an API endpoint...
Design/Logic Flaw
Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers with Item/Configure permission to create or replace any config.xml file on the Jenkins controller file system by providing a crafted file name to an API endpoint...
Cross-site request forgery (CSRF)
A cross-site request forgery (CSRF) vulnerability in Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers to replace any config.xml file on the Jenkins controller file system with an empty file by providing a crafted file name to an API endpoint...
CVE-2022-41232
CVE-2022-41232 is a cross-site request forgery (CSRF) vulnerability in Jenkins Build-Publisher Plugin (versions 1.22 and earlier). The issue allows an attacker to replace any config.xml file on the Jenkins controller filesystem with an empty file by supplying a crafted file name to an API endpoin...
CVE-2022-41231
Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers with Item/Configure permission to create or replace any config.xml file on the Jenkins controller file system by providing a crafted file name to an API endpoint...
CVE-2022-41231
CVE-2022-41231 : Jenkins Build-Publisher Plugin
PT-2022-25748 · Jenkins · Jenkins Build-Publisher Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Build-Publisher Plugin versions 1.22 and earlier Description: A cross-site request forgery (CSRF) vulnerability allows attackers to replace any config.xml file on the Jenkins controller file system with an empty file by providing a...
A normal user can set himself or any other user to the admin role
Description: Improper access control on the API endpoint AddUserToRole allows a regular user to escalate their privileges to admin. Affected code: [Authorize(Roles = Roles.User)] [HttpPost] public async Task AddUserToRoleFromQuery(string username, string role) { var results = await...
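The entry above describes the classic pattern behind this class of bug: a role-assignment endpoint gated by `[Authorize(Roles = Roles.User)]`, so any authenticated user can call it with `role=Admin` for any username, including their own. The following ASP.NET Core controller is an added illustration, not the affected project's code: it places the vulnerable shape next to a hardened version. The `Roles` class, the `RolesController` name, the route strings and the use of ASP.NET Core Identity's `UserManager<IdentityUser>` are assumptions made for the example; only `Roles.User` and the `AddUserToRoleFromQuery(string username, string role)` signature come from the advisory excerpt.

```csharp
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;

// Assumed role-name constants; the advisory only shows Roles.User.
public static class Roles
{
    public const string User = "User";
    public const string Admin = "Admin";
}

[ApiController]
[Route("api/[controller]")]
public class RolesController : ControllerBase
{
    private readonly UserManager<IdentityUser> _userManager;

    public RolesController(UserManager<IdentityUser> userManager)
    {
        _userManager = userManager;
    }

    // VULNERABLE: the attribute only requires the caller to hold the "User" role.
    // A regular user can POST username=<self>&role=Admin and be granted admin.
    [Authorize(Roles = Roles.User)]
    [HttpPost("vulnerable/add-user-to-role")]
    public async Task<IActionResult> AddUserToRoleFromQuery(string username, string role)
    {
        var user = await _userManager.FindByNameAsync(username);
        if (user == null)
            return NotFound();

        var results = await _userManager.AddToRoleAsync(user, role);
        return results.Succeeded ? Ok() : BadRequest(results.Errors);
    }

    // HARDENED: three checks the vulnerable version lacks.
    //  1. Only admins may reach the endpoint at all.
    //  2. The role is taken from an allow-list, not echoed from client input.
    //  3. The caller may not modify their own account (prevents self-elevation
    //     and keeps an audit trail pointing at a second admin).
    [Authorize(Roles = Roles.Admin)]
    [HttpPost("add-user-to-role")]
    public async Task<IActionResult> AddUserToRole(string username, string role)
    {
        if (role != Roles.User && role != Roles.Admin)
            return BadRequest("unknown role");

        var caller = await _userManager.GetUserAsync(User);
        if (caller == null)
            return Forbid();

        var target = await _userManager.FindByNameAsync(username);
        if (target == null)
            return NotFound();

        if (target.Id == caller.Id)
            return Forbid(); // no self-assignment of roles

        var results = await _userManager.AddToRoleAsync(target, role);
        return results.Succeeded ? Ok() : BadRequest(results.Errors);
    }
}
```

When reviewing an endpoint like this, the check is not only the `[Authorize]` attribute but whether the privilege being granted (the `role` argument) can exceed the privilege of the caller; an allow-list plus an admin-only gate closes both the self-elevation and the "promote any other user" paths the advisory describes.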
PT-2022-25182 · Tenda · Tenda Ac21
Name of the Vulnerable Software and Affected Versions: Tenda AC21 version 16.03.08.15 Description: Buffer overflow in the /bin/httpd binary, specifically in the function formSetQosBand. This can be exploited through the "/bin/httpd" API endpoint. The...
PT-2022-24604 · Unknown · School Activity Updates With Sms Notification
Name of the Vulnerable Software and Affected Versions: School Activity Updates with SMS Notification version 1.0 Description: SQL injection via the "/activity/admin/modules/event/index.php?view=edit&id=" API endpoint; the id parameter is vulnerable to thi...
PT-2022-23894 · Craft Cms · Craft Cms
Name of the Vulnerable Software and Affected Versions: Craft CMS version 4.2.0.1 Description: Stored cross-site scripting (XSS) in the "/admin/myaccount" API endpoint, allowing malicious scripts to be stored and executed on the platform. Recommendations: For Craft CMS...
PT-2022-24445 · Archery · Archery
Name of the Vulnerable Software and Affected Versions: Archery versions 1.7.5 through 1.8.5 Description: SQL injection via the where parameter of the "/archive/apply" API endpoint. Recommendations: For versions 1.7.5...