GHSA-GJQ4-69WJ-P6PR Path traversal in pimcore
The application doesn't perform a check/filter against the value of "importFile" parameter at endpoint "/admin/translation/import". After the API is executed, PHP unlink function will proceed to delete the file...
CVE-2022-0708 Team Creator's Email Address is disclosed to Team Members via one of the APIs
Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive & private information disclosure...
Unrestricted Upload of File with Dangerous Type
Description: In recent Crater version bed05fc2 (tag: 6.0.4) a privileged user can upload a PHP file as an expense receipt. Proof of Concept: POST /api/v1/expenses/59/upload/receipts HTTP/1.1 Host: 172.17.0.1:8888 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:98.0) Gecko/20100101 Firefox/98.0 Accept: /...
CVE-2022-21196
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 do not perform proper authorization and authentication checks on multiple API routes. An attacker may gain access to these API routes and achieve remo...
Shopify: Limited Privilege User Can Create Unauthorized Referrals on partners.shopify.com
A privilege escalation vulnerability was discovered in Shopify's Partner Portal that allowed users without "View referrals" permission to create POS leads by directly accessing the lead creation URL. The backend API lacked proper authorization checks, enabling users to bypass the implemented...
CVE-2022-21283
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...
CVE-2021-37867 Emails of all users are exposed via one of the Boards APIs
Mattermost Boards plugin v0.10.0 and earlier fails to protect email addresses of all users via one of the Boards APIs, which allows authenticated and unauthorized users to access this information resulting in sensitive & private information disclosure...
CVE-2022-22152
A Protection Mechanism Failure vulnerability in the REST API of Juniper Networks Contrail Service Orchestration allows one tenant on the system to view confidential configuration details of another tenant on the same system. By utilizing the REST API, one tenant is able to obtain information on...
Ultimaker 3D printer cross-site request forgery vulnerability
The Ultimaker 3D printer is a series of powerful, professional 3D printers from the Dutch company Ultimaker. A security vulnerability exists in the Ultimaker 3D printer that originates from local web servers hosting APIs that are vulnerable to CSRF attacks. They do not validate incoming requests...
SonicWall SMA100 API username enumeration vulnerability
A vulnerability in SonicWall SMA100 password change API allows a remote unauthenticated attacker to perform SMA100 username enumeration based on the server responses. This vulnerability affected 10.2.1.2-24sv, 10.2.0.8-37sv and earlier 10.x versions. CVE: CVE-2021-20049 Last updated: Dec. 21, 202...
The vulnerability of the web interface and API of the Cisco Application Policy Infrastructure Controller allows a perpetrator to execute arbitrary commands.
The vulnerability of the Cisco Application Policy Infrastructure Controller’s web interface and API exists due to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands...
Exploit for Improper Input Validation in Apache Log4J
tejas-nagchandi/CVE-2021-45105 Replicating CVE-2021-45105...
The vulnerability in the API for accessing WebVR devices in Google Chrome allows a perpetrator to circumvent existing security restrictions by using a specially created HTML page.
The vulnerability of the API for accessing WebVR devices in Google Chrome browsers is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to circumvent existing security restrictions through a specially created HTML page...
CVE-2021-43835
Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions Sulu users who have access to any subset of the admin UI are able to elevate their privilege. Over the API it was possible for them to give themselves permissions to areas which they did not...
Design/Logic Flaw
Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions Sulu users who have access to any subset of the admin UI are able to elevate their privilege. Over the API it was possible for them to give themselves permissions to areas which they did not...
Invenio-Drafts-Resources security vulnerability
Invenio-Drafts-Resources is a submission/deposit module for Invenio. It is used for research data management. A security vulnerability exists in Invenio-Drafts-Resources versions prior to 0.13.7 and 0.14.6, which stems from a failure to properly check permissions in the affected product. The...
CVE-2021-43686
nZEDb v0.4.20 is affected by a Cross Site Scripting (XSS) vulnerability in www/pages/api.php. The exit function will terminate the script and print the message which has the input $_GET['t']...
CVE-2021-41252
Kirby is an open source file structured CMS. Impact: Kirby's writer field stores its formatted content as HTML code. Unlike with other field types, it is not possible to escape HTML special characters against cross-site scripting (XSS) attacks, otherwise the formatting would be lost. If the user is...
Cross site scripting
Kirby is an open source file structured CMS. Impact: Kirby's writer field stores its formatted content as HTML code. Unlike with other field types, it is not possible to escape HTML special characters against cross-site scripting (XSS) attacks, otherwise the formatting would be lost. If the user is...
Stark Bank Data Forgery Problem Vulnerability (CNVD-2021-95642)
Stark Bank is a banking API for individual developers in Brazil. It performs all banking operations through an API that simplifies and automates payments, facilitates reconciliations, and scales operations. Stark Bank ecdsa-elixir suffers from a Data Forgery Issue vulnerability that stems from the...