PT-2023-32831 · Bitnami +4 · Mlflow +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information. Recommendations: A...

Abantecart v1.3.2 - Authenticated Remote Code Execution

Exploit Title: Abantecart v1.3.2 - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 3rd Mar'2022 CVE ID: CVE-2022-26521 Confirmed on release 1.3.2 Vendor: https://www.abantecart.com/download Step1- Login with Admin Credentials Step2-...

GHSA-593V-WCQX-HQ2W Incorrect version tags linked to external repository

Impact A security incident caused a number of incorrect version tags to be pushed to the Parse Server repository. These version tags linked to a personal fork of a contributor who had write access to the repository. The code to which these tags linked has not been reviewed or approved by Parse...

Incorrect version tags linked to external repository

Impact A security incident caused a number of incorrect version tags to be pushed to the Parse Server repository. These version tags linked to a personal fork of a contributor who had write access to the repository. The code to which these tags linked has not been reviewed or approved by Parse...

CVE-2021-21979

In Bitnami Containers, all Laravel container versions prior to: 6.20.0-debian-10-r107 for Laravel 6, 7.30.1-debian-10-r108 for Laravel 7 and 8.5.11-debian-10-r0 for Laravel 8, the file /tmp/app/.env is generated at the time that the docker image bitnami/laravel was built, and the value of APPKEY ...

CVE-2021-21979

In Bitnami Containers, all Laravel container versions prior to: 6.20.0-debian-10-r107 for Laravel 6, 7.30.1-debian-10-r108 for Laravel 7 and 8.5.11-debian-10-r0 for Laravel 8, the file /tmp/app/.env is generated at the time that the docker image bitnami/laravel was built, and the value of APPKEY ...

Design/Logic Flaw

In Bitnami Containers, all Laravel container versions prior to: 6.20.0-debian-10-r107 for Laravel 6, 7.30.1-debian-10-r108 for Laravel 7 and 8.5.11-debian-10-r0 for Laravel 8, the file /tmp/app/.env is generated at the time that the docker image bitnami/laravel was built, and the value of APPKEY ...

CVE-2021-21979

In Bitnami Laravel containers, older images (< 6.20.0-debian-10-r107 for Laravel 6, < 7.30.1-debian-10-r108 for Laravel 7,

CVE-2021-21979

In Bitnami Containers, all Laravel container versions prior to: 6.20.0-debian-10-r107 for Laravel 6, 7.30.1-debian-10-r108 for Laravel 7 and 8.5.11-debian-10-r0 for Laravel 8, the file /tmp/app/.env is generated at the time that the docker image bitnami/laravel was built, and the value of APPKEY ...

Bitnami Containers 信任管理问题漏洞

Bitnami Containers is an open source application from Bitnami. It is used to closely track upstream source code changes and to release new versions of this image in a timely manner using our automated system. A security vulnerability exists in Bitnami Containers, which can be exploited by an...

ModX CMS Proof Of Concept Shell Upload

c@kali:/src/Napalm2.2/libs$ cat shell-modxcms.py !/usr/bin/env python shell-modxcms.py - upload shell for modx 2.5.6-pl !! we need rwx in modx-webdir to go ;Z 30.05.217 @ code610 blogspot com import requests import re target=rawinput"Hostname " print '+ Preparing tests for ' + strtarget session =...

PHP PEAR HTTP_Upload 1.0.0b3 - Arbitrary File Upload

PHP PEAR HTTPUpload 1.0.0b3 - Arbitrary File Upload + + Credits: John Page AKA Hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/PEAR-HTTPUPLOAD-ARBITRARY-FILE-UPLOAD.txt + ISR: ApparitionSEC + Vendor: ============ pear.php.net Product:...

PHP PEAR HTTP_Upload 1.0.0b3 - Arbitrary File Upload

Credits: John Page AKA Hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/PEAR-HTTPUPLOAD-ARBITRARY-FILE-UPLOAD.txt + ISR: ApparitionSEC + Vendor: ============ pear.php.net Product: ==================== HTTPUpload v1.0.0b3 Download:...