1998 matches found
PT-2020-13082 · Intelbras · Intelbras Tip 200 Lite +2
Name of the Vulnerable Software and Affected Versions: Intelbras TIP200 version 60.61.75.15 Intelbras TIP200LITE version 60.61.75.15 Intelbras TIP300 version 65.61.75.15 Description: The issue allows for XSS attacks through the /cgi-bin/cgiServer.exx API endpoint, specifically when the page...
CVE-2020-26552
An issue was discovered in Aviatrix Controller before R6.0.2483. Multiple executable files, that implement API endpoints, do not require a valid session ID for access...
CVE-2020-26223
Spree is a complete open source e-commerce solution built with Ruby on Rails. In Spree from version 3.7 and before versions 3.7.13, 4.0.5, and 4.1.12, there is an authorization bypass vulnerability. The perpetrator could query the API v2 Order Status endpoint with an empty string passed as an Ord...
CVE-2020-26223 Authorization bypass in Spree
Spree is a complete open source e-commerce solution built with Ruby on Rails. In Spree from version 3.7 and before versions 3.7.13, 4.0.5, and 4.1.12, there is an authorization bypass vulnerability. The perpetrator could query the API v2 Order Status endpoint with an empty string passed as an Ord...
Cisco Integrated Management Controller Authorization Bypass (cisco-sa-cimc-auth-zWkppJxL)
According to its self-reported version, Cisco Unified Computing System Management Software is affected by an authorization bypass vulnerability due to improper authorization checks on API endpoints. An authenticate, remote attacker can exploit this issue, by sending malicious requests to an API...
CVE-2020-28002
In SonarQube 8.4.2.36762, an external attacker can achieve authentication bypass through SonarScanner. With an empty value for the -D sonar.login option, anonymous authentication is forced. This allows creating and overwriting public and private projects via the /api/ce/submit endpoint...
Authentication flaw
In SonarQube 8.4.2.36762, an external attacker can achieve authentication bypass through SonarScanner. With an empty value for the -D sonar.login option, anonymous authentication is forced. This allows creating and overwriting public and private projects via the /api/ce/submit endpoint...
CVE-2020-25966
Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information about the configured assets without proper authentication. This could be used by unauthorized parties to get configured login credentials of the assets via a modified pAccountID value. NOTE: The vendo...
PT-2020-16257 · Sectona · Sectona Spectra
Name of the Vulnerable Software and Affected Versions: Sectona Spectra versions prior to 3.4.0 Description: The issue concerns a vulnerable SOAP API endpoint that leaks sensitive information about configured assets without proper authentication. This could be exploited by unauthorized parties to...
Authentication flaw
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. When 2 factor authentication was enabled for groups, a malicious user could bypass that restriction by sending a specific query to the API endpoint...
CVE-2020-13297
CVE-2020-13297 : GitLab versions before 13.1.10, 13.2.8, and 13.3.4 are affected. A flaw allows a malicious user to bypass the 2FA restriction for groups by sending a crafted query to the API endpoint. The vulnerability is caused by improper authorization checks in the group-level 2FA flow, enabl...
PT-2020-13438 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.1.10 GitLab versions prior to 13.2.8 GitLab versions prior to 13.3.4 Description: A security issue was found that allows a malicious user to bypass 2-factor authentication restrictions for groups. This can be...
Command Injection in soletta-dev-app
All versions of soletta-dev-app are vulnerable to Command Injection. The package does not validate user input on the /api/service/status API endpoint, passing contents of the service query parameter to an exec call. This may allow attackers to run arbitrary commands in the system. Recommendation ...
GHSA-8MGG-5X65-M4M4 Command Injection in soletta-dev-app
All versions of soletta-dev-app are vulnerable to Command Injection. The package does not validate user input on the /api/service/status API endpoint, passing contents of the service query parameter to an exec call. This may allow attackers to run arbitrary commands in the system. Recommendation ...
Unintended Require in larvitbase-www
All versions of larvitbase-www are vulnerable to an Unintended Require. The package exposes an API endpoint and passes a GET parameter unsanitized to an require call. This allows attackers to execute any .js file in the same folder as the server is running. Recommendation No fix is currently...
GHSA-88H9-FC6V-JCW7 Unintended Require in larvitbase-www
All versions of larvitbase-www are vulnerable to an Unintended Require. The package exposes an API endpoint and passes a GET parameter unsanitized to an require call. This allows attackers to execute any .js file in the same folder as the server is running. Recommendation No fix is currently...
Denial of Service in grpc-ts-health-check
Versions of grpc-ts-health-check prior to 2.0.0 are vulnerable to Denial of Service. The package exposes an API endpoint that may allow attackers to set the service's health status to failing. This can lead to Denial of Service as Kubernetes blocks traffic to services with a failing status...
GHSA-M86M-5M44-PC93 Denial of Service in grpc-ts-health-check
Versions of grpc-ts-health-check prior to 2.0.0 are vulnerable to Denial of Service. The package exposes an API endpoint that may allow attackers to set the service's health status to failing. This can lead to Denial of Service as Kubernetes blocks traffic to services with a failing status...
Command Injection in addax
Versions of addax prior to 1.1.0 are vulnerable to Command Injection. The package does not validate user input on the presignPath function which receives input directly from the API endpoint. Exploiting the vulnerability requires authentication. This may allow attackers to run arbitrary commands ...
GHSA-4Q8F-5XXJ-946R Command Injection in addax
Versions of addax prior to 1.1.0 are vulnerable to Command Injection. The package does not validate user input on the presignPath function which receives input directly from the API endpoint. Exploiting the vulnerability requires authentication. This may allow attackers to run arbitrary commands ...