CVE-2023-2299 Online Booking & Scheduling Calendar for WordPress by vcita <= 4.4.2 - Missing Authorization on REST-API

The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized medication of data via the /wp-json/vcita-wordpress/v1/actions/auth REST-API endpoint in versions up to, and including, 4.4.2 due to a missing capability check on the processAction...

CVE-2023-32310 DataEase API interface has IDOR vulnerability

DataEase is an open source data visualization and analysis tool. The API interface for DataEase delete dashboard and delete system messages is vulnerable to insecure direct object references IDOR. This could result in a user deleting another user's dashboard or messages or interfering with the...

CVE-2023-30285

An issue in Deviniti Issue Sync Synchronization v3.5.2 for Jira allows attackers to obtain the login credentials of a user via a crafted request sent to /rest/synchronizer/1.0/technicalUser...

missing permission check for API /setting/workspace/member/update

Proof of Concept 1 user1 是workspace1的空间管理员 2 user2 是workspace1的成员 3 user1 更新user2的信息，比如将其更新为空间管理员 4 使用burpsuite拦截请求 POST /setting/workspace/member/update HTTP/1.1 Host: 192.168.213.128:8081 Content-Length: 144 Accept-Language: zh-CN WORKSPACE: bd6fc04b-15af-43dc-8cb6-411deaec81a7 User-Agent:...

CVE-2022-36249 Shop Beat Services Vulnerable To Bypass 2FA via APIs

Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Bypass 2FA via APIs. For Controlpanel Lite. "After login we are directly able to use the bearer token or jsession ID to access the apis instead of entering the 2FA code. Thus, leading to bypass of 2FA on API...

CVE-2022-36249 Shop Beat Services Vulnerable To Bypass 2FA via APIs

Shop Beat Solutions Pty LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Bypass 2FA via APIs. For Controlpanel Lite. "After login we are directly able to use the bearer token or jsession ID to access the apis instead of entering the 2FA code. Thus, leading to bypass of 2FA on API...

CVE-2023-23299

The permission system implemented and enforced by the GarminOS TVM component in CIQ API version 1.0.0 through 4.1.7 can be bypassed entirely. A malicious application with specially crafted code and data sections could access restricted CIQ modules, call their functions and disclose sensitive data...

CVE-2023-23302

The Toybox.GenericChannel.setDeviceConfig API method in CIQ API version 1.2.0 through 4.1.7 does not validate its parameter, which can result in buffer overflows when copying various attributes. A malicious application could call the API method with specially crafted object and hijack the executi...

CVE-2023-23300

The Toybox.Cryptography.Cipher.initialize API method in CIQ API version 3.0.0 through 4.1.7 does not validate its parameters, which can result in buffer overflows when copying data. A malicious application could call the API method with specially crafted parameters and hijack the execution of the...

Screen SFT DAB 600/C - Authentication Bypass Erase Account

!/usr/bin/env python3 Exploit Title: Screen SFT DAB 600/C - Authentication Bypass Erase Account Exploit Author: LiquidWorm Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com...

PT-2023-18898 · Ciq Api · Ciq Api

Name of the Vulnerable Software and Affected Versions: CIQ API versions 3.2.0 through 4.1.7 Description: The issue concerns the Toybox.Ant.GenericChannel.enableEncryption API method, which fails to validate its parameters. This can lead to buffer overflows when copying attributes, potentially...

The vulnerability of the application programming interface of the Cisco DNA Center allows a attacker to execute arbitrary commands with root privileges.

The vulnerability of the application programming interface of the Cisco DNA Center relates to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary commands with root privileges using a specially created API...

PT-2023-2776 · Cisco · Cisco Dna Center

Name of the Vulnerable Software and Affected Versions: Cisco DNA Center Software affected versions not specified Description: The issue is related to weaknesses in the authorization procedure of the Cisco DNA Center application programming interface. It may allow a remote attacker to gain...

Sql injection

IDURAR ERP/CRM v1 was discovered to contain a SQL injection vulnerability via the component /api/login...

Screen SFT DAB 600/C Authentication Bypass / Erase Account

!/usr/bin/env python3 Screen SFT DAB 600/C Authentication Bypass Erase Account Exploit Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com https://www.dbbroadcast.com/products/radio/sft-dab-series-compact-air/ Affected version:...

SUSE-SU-2023:2154-1 Security update for distribution

This update for distribution fixes the following issues: - CVE-2023-2253: Fixed possible DoS via a crafted malicious /v2/catalog API endpoint request bsc1207705...

CVE-2023-29106

A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 All versions = V2.0 = V2.0 V2.1. The export endpoint is accessible via REST API without authentication. This could allow an unauthenticated remote attacker to download the files available via the endpoint...

PT-2023-11908 · Ibm · Ibm Counter Fraud Management For Safer Payments

Name of the Vulnerable Software and Affected Versions: IBM Counter Fraud Management for Safer Payments versions 5.7.0.00 through 5.7.0.10 IBM Counter Fraud Management for Safer Payments versions 6.0.0.00 through 6.0.0.07 IBM Counter Fraud Management for Safer Payments versions 6.1.0.00 through...

SQL Injection in Translation Export API

Impact SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. It generally allows an attacker to view data that they are not normally able to retrieve. This might include data belonging to other users, or any...

CVE-2022-37326

Docker Desktop for Windows before 4.6.0 allows attackers to delete or create any file through the dockerBackendV2 windowscontainers/start API by controlling the pidfile field inside the DaemonJSON field in the WindowsContainerStartRequest class. This can indirectly lead to privilege escalation...