CVE-2022-34486

CVE-2022-34486 concerns a path traversal vulnerability in PukiWiki versions 1.4.5–1.5.3. The issue allows a remote authenticated attacker with administrative privileges to execute a malicious script via unspecified vectors, indicating a potentially high impact (CVE details show high severity in s...

CVE-2022-20884

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

CVE-2022-20884 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

Zabbix Frontend 跨站脚本漏洞

Zabbix Frontend is a monitoring software front-end tool from the American company Zabbix. A cross-site scripting vulnerability exists in Zabbix Frontend that stems from a graphical page that lacks checksum filters for user-supplied data and output. An authenticated attacker can exploit this...

CVE-2022-1654

Jupiter Theme = 6.10.1 and JupiterX Core Plugin = 2.0.7 allow any authenticated attacker, including a subscriber or customer-level attacker, to gain administrative privileges via the "abbuninstalltemplate" both and "jupiterxcorecpuninstalltemplate" JupiterX Core Only AJAX actions...

CVE-2022-1838

A vulnerability classified as critical has been found in Home Clean Services Management System 1.0. This affects an unknown part of admin/login.php. The manipulation of the argument username with the input admin%'//AND//SELECT//5383//FROM//SELECTSLEEP5JPeh//AND//'frfq%'='frfq leads to sql...

UBUNTU-CVE-2022-22971

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user...

CVE-2022-28165

A vulnerability in the role-based access control RBAC functionality of the Brocade SANNav before 2.2.0 could allow an authenticated, remote attacker to access resources that they should not be able to access and perform actions that they should not be able to perform. The vulnerability exists...

PHP Object Injection Vulnerability in Booking Calendar Plugin

On April 18, 2022, the Wordfence Threat Intelligence team initiated the responsible disclosure process for an Object Injection vulnerability in the Booking Calendar plugin for WordPress, which has over 60,000 installations. We received a response the same day and sent over our full disclosure ear...

CVE-2021-41026

CVE-2021-41026 affects Fortinet FortiWeb versions 6.4.1, 6.4.0, and 6.3.0 through 6.3.15. A relative path traversal in the FortiWeb API controller could allow an authenticated attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests. The connected doc...

WordPress Uleak Security Dashboard 1.2.3 Cross Site Scripting

Exploit Title: WordPress Plugin uleak-security-dashboard 1.2.3 - Stored Cross-Site Scripting Authenticated Date: 31-03-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/uleak-security-dashboard/ Version: 1.2.3 Tested on: Firefox Contact me: h at...

CVE-2021-43970

An arbitrary file upload vulnerability exists in albumimages.jsp in Quicklert for Digium 10.0.0 1043 via a .mp3;.jsp filename for a file that begins with audio data bytes. It allows an authenticated low privileged attacker to execute remote code on the target server within the context of...

VulnCheck KEV: CVE-2017-6740

The Simple Network Management Protocol SNMP subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload...

Fortinet FortiWLM 路径遍历漏洞

Fortinet FortiWLC is a wireless LAN controller from Fortinet, Inc. A path traversal vulnerability exists in Fortinet FortiWLC, which can be exploited by an authenticated attacker to retrieve arbitrary files from the underlying file system via a specially crafted Web request...

MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16207.

...

CVE-2022-0020

A stored cross-site scripting XSS vulnerability in Palo Alto Network Cortex XSOAR web interface enables an authenticated network-based attacker to store a persistent javascript payload that will perform arbitrary actions in the Cortex XSOAR web interface on behalf of authenticated administrators...

CVE-2021-33966

Cross site scripting XSS vulnerability in spotweb 1.4.9, allows authenticated attackers to execute arbitrary code via crafted GET request to the login page...

SonicOS SessionID Buffer Overflow via HTTP response

A Stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause Denial of Service DoS and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 6 and Gen 7 firmware versions. CVE: CVE-2021-20048...

Command injection

An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate functionality of Lantronix PremierWave 2050 8.9.0.0R4 in QEMU. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this...

CVE-2021-3376

CVE-2021-3376 affects CuppaCMS (versions before 31 Jan 2021). An authenticated attacker can escalate privileges by sending a crafted POST request that uses the user_group_id_field parameter. The vulnerability stems from a faulty programmatic call related to privilege handling in CuppaCMS. Documen...