3979 matches found
Cross site scripting
Description 1. Log in as teacher 2. Create a new assignment at https://www.rosariosis.org/demonstration/Modules.php?modname=Grades/Assignments.php&assignmenttypeid=3&assignmentid=new 3. Add this payload in description 4. Save this assignment 5. You will see a prompt...
Improper File Deletion
Description A student uploaded a file when submitting an assignment. Then, if a teacher deletes that assignment, the attachment still remains on the server and if anyone has the link to that file, he can access it to view or download it. Steps to reproduce Log in to the demo environment by...
Qualcomm Information Disclosure Vulnerability
A Qualcomm chip is a chip from Qualcomm Incorporated (USA). A chip is a way to miniaturize circuits, consisting primarily of semiconductor devices but also passive components, and is often fabricated on the surface of semiconductor wafers. An information disclosure vulnerability exists in several...
API Security is Necessary to Stop Threats that WAFs and Bot Protection Cannot
Today, there are still API security threats that most WAFs and Advanced Bot Protection solutions cannot manage. In this post, we’ll explain these new types of threats and make some recommendations for features you need within solutions to protect your APIs. When a bad actor makes a completely val...
The vulnerability of the telldir function in the Perl programming language allows a hacker to cause a service failure.
The vulnerability of the telldir function in the Perl programming language is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...
CVE-2022-24866 Exposure of Sensitive Information to an Unauthorized Actor in Discourse Assign
Discourse Assign is a plugin for assigning users to a topic in Discourse, an open-source messaging platform. Prior to version 1.0.1, the UserBookmarkSerializer serialized the whole User / Group object, which leaked some private information. The data was only being serialized to people who could...
The vulnerability of Adobe Illustrator’s graphic editor, related to pointer naming errors, allows a hacker to trigger a service failure.
The vulnerability of the Adobe Illustrator graphic editor is related to pointer assignment errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2022-9313)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9313 advisory. - netfilter: nftables: initialize registers in nft_do_chain (Pablo Neira Ayuso) [Orabug: 34012925] {CVE-2022-1016} - btrfs: unlock newly allocated extent buffe...
GSD-2022-1001240 drm/amd/display: Call dc_stream_release for remove link enc assignment
drm/amd/display: Call dc_stream_release for remove link enc assignment. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...
GSD-2022-1000975 io_uring: abort file assignment prior to assigning creds
io_uring: abort file assignment prior to assigning creds. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.4 by commit...
Mass Assignment Leading to (Limited) Password Confirmation Bypasses at UsersController
Description Hello there! Hope you are having an amazing day! 🤗 Just found out, while testing one of diaspora* open servers, that the /user/edit endpoint has a limited case of "mass assignment", which enables an authenticated user to change their password and disable 2FA or change its secret witho...
Cross-site Scripting (XSS) - Stored
Description Stored XSS found due to long name summarize. Proof of Concept 1. First, access the latest version of the demo environment. https://www.rosariosis.org/demonstration/index.php 2. Then log in with your teacher account teacher/teacher 3. After logging in, access to add an assignment. 4. Then...
Privilege Escalation
com.liferay.portal is vulnerable to privilege escalation. Remote authenticated attackers are able to gain access to view sensitive user information by accessing a list of sites and groups via the site membership assignment UI, due to improper validations of user permissions...
The vulnerability in the web interface of the Cisco Identity Services Engine, which allows a perpetrator to disclose protected information
The vulnerability of the Cisco Identity Services Engine’s network policy management web interface is related to the improper assignment of privileges. Exploiting this vulnerability could allow a malicious actor to disclose protected information...
Code injection
Liferay Portal 7.3.7, 7.4.0, and 7.4.1, and Liferay DXP 7.2 fix pack 13, and 7.3 fix pack 2 do not properly check user permission when accessing a list of sites/groups, which allows remote authenticated users to view sites/groups via the user's site membership assignment UI...
CVE-2022-22189
An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration CSO allows a locally authenticated user to have their permissions elevated without authentication thereby taking control of the local system they are currently authenticated to. This issue affects:...
Design/Logic Flaw
An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration CSO allows a locally authenticated user to have their permissions elevated without authentication thereby taking control of the local system they are currently authenticated to. This issue affects:...
CVE-2022-22189 Contrail Service Orchestration: An authenticated local user may have their permissions elevated via the device via management interface without authentication
An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration CSO allows a locally authenticated user to have their permissions elevated without authentication thereby taking control of the local system they are currently authenticated to. This issue affects:...
The vulnerability of the avi.c component of the VLC Media Player allows a hacker to cause a service failure.
The vulnerability of the avi.c component of the VLC Media Player is related to pointer assignment errors. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
Code injection
A vulnerability has been identified in SIMATIC Energy Manager Basic All versions V7.3 Update 1, SIMATIC Energy Manager PRO All versions V7.3 Update 1. Affected applications improperly assign permissions to critical directories and files used by the application processes. This could allow a local...