381 matches found
CVE-2014-4860
Multiple integer overflows in the Pre-EFI Initialization PEI boot phase in the Capsule Update feature in the UEFI implementation in EDK2 allow physically proximate attackers to bypass intended access restrictions by providing crafted data that is not properly handled during the coalescing phase...
200K WordPress Sites Vulnerable to Plugin Flaw
A high-severity vulnerability exists in a popular WordPress plugin, potentially opening up 200,000 websites to takeover. The WordPress plugin in question in Code Snippets, which allows users to run small chunks of PHP code on their websites. This can be used to extend the functionality of the...
Wordpress Time Capsule Plugin 1.21.16 - Authentication Bypass
Wordpress Time Capsule Plugin 1.21.16 - Authentication Bypass Exploit Title: Wordpress Time Capsule Plugin 1.21.16 - Authentication Bypass Date: 2020-01-16 Exploit Author: B. Canavate Vendor Homepage: https://wptimecapsule.com/ Software Link: https://wptimecapsule.com/ Version: Wordpress Time...
WordPress Plugin Time Capsule 1.21.16 - Authentication Bypass
Exploit Title: Wordpress Time Capsule Plugin 1.21.16 - Authentication Bypass Date: 2020-01-16 Exploit Author: B. Canavate Vendor Homepage: https://wptimecapsule.com/ Software Link: https://wptimecapsule.com/ Version: Wordpress Time Capsule Plugin 1.21.16 Tested on: LAMP stack with most recent...
WordPress Time Capsule 1.21.16 Authentication Bypass
Exploit Title: Wordpress Time Capsule Plugin 1.21.16 - Authentication Bypass Date: 2020-01-16 Exploit Author: B. Canavate Vendor Homepage: https://wptimecapsule.com/ Software Link: https://wptimecapsule.com/ Version: Wordpress Time Capsule Plugin 1.21.16 Tested on: LAMP stack with most recent...
Wordpress Time Capsule Plugin 1.21.16 - Authentication Bypass Exploit
Exploit for php platform in category web applications Exploit Title: Wordpress Time Capsule Plugin 1.21.16 - Authentication Bypass Exploit Author: B. Canavate Vendor Homepage: https://wptimecapsule.com/ Software Link: https://wptimecapsule.com/ Version: Wordpress Time Capsule Plugin 1.21.16 Teste...
WordPress WP Time Capsule Authentication Bypass Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An authentication bypass vulnerability exists in WordPress WP Time Capsule, which can be exploited by an...
Critical WordPress Bug Leaves 320,000 Sites Open to Attack
Two WordPress plugins, InfiniteWP Client and WP Time Capsule, suffer from the same critical authorization bypass bug that allows adversaries to access a site’s backend with no password. All an attacker needs is the admin username for the WordPress plugins and they are in, according to researchers...
Backup and Staging by WP Time Capsule < 1.21.16 - Authentication Bypass
It is possible to login as an administrator on the site due to logical mistakes in the code. PoC The issue resides in wptc-cron-functions.php line 12 where it parses the request. This parserequest function calls the function decodeserverrequestwptc which check if the raw POST payload contains a...
Backup and Staging by WP Time Capsule < 1.21.16 - Authentication Bypass
It is possible to login as an administrator on the site due to logical mistakes in the code. The issue resides in wptc-cron-functions.php line 12 where it parses the request. This parserequest function calls the function decodeserverrequestwptc which check if the raw POST payload contains a certa...
Apple Releases Security Updates for AirPort Extreme, AirPort Time Capsule
Apple has released AirPort Base Station Firmware Update 7.91 to address vulnerabilities in AirPort Extreme and AirPort Time Capsule wireless routers. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security...
katello-installer-base: QMF methods exposed to goferd via qdrouterd
A lack of access control was found in the message queues maintained by Satellite's QPID broker and used by katello-agent. A malicious user authenticated to a host registered to Satellite or Capsule can use this flaw to access QMF methods to any host also registered to Satellite or Capsule and...
Design/Logic Flaw
A restricted environment escape vulnerability exists in the “kiosk mode” function of Capsule Technologies SmartLinx Neuron 2 medical information collection devices running versions 9.0.3 or lower. A specific series of keyboard inputs can escape the restricted environment, resulting in full...
CVE-2019-5024
A restricted environment escape vulnerability exists in the “kiosk mode” function of Capsule Technologies SmartLinx Neuron 2 medical information collection devices running versions 9.0.3 or lower. A specific series of keyboard inputs can escape the restricted environment, resulting in full...
CVE-2019-5024
A restricted environment escape vulnerability exists in the “kiosk mode” function of Capsule Technologies SmartLinx Neuron 2 medical information collection devices running versions 9.0.3 or lower. A specific series of keyboard inputs can escape the restricted environment, resulting in full...
CVE-2019-5024
Capsule Technologies SmartLinx Neuron 2 devices (firmware 9.0.3 and older) contain a restricted environment escape vulnerability in kiosk mode. A specific sequence of USB keyboard inputs can escape the restricted environment and grant full administrator access to the underlying Windows OS. Affect...
CVE-2019-3845
A lack of access control was found in the message queues maintained by Satellite's QPID broker and used by katello-agent in versions before Satellite 6.2, Satellite 6.1 optional and Satellite Capsule 6.1. A malicious user authenticated to a host registered to Satellite or Capsule can use this fla...
CVE-2019-3845
CVE-2019-3845 affects Red Hat Satellite tools (qpid-dispatch-router). The root cause is exposed QMF methods via qdrouterd, enabling an attacker authenticated on a registered host to access QMF methods across registered hosts and execute privileged commands. Red Hat issued RHSA-2019:1223 to addres...
CVE-2019-3845
A lack of access control was found in the message queues maintained by Satellite's QPID broker and used by katello-agent in versions before Satellite 6.2, Satellite 6.1 optional and Satellite Capsule 6.1. A malicious user authenticated to a host registered to Satellite or Capsule can use this fla...
katello-installer-base: QMF methods exposed to goferd via qdrouterd
A lack of access control was found in the message queues maintained by Satellite's QPID broker and used by katello-agent. A malicious user authenticated to a host registered to Satellite or Capsule can use this flaw to access QMF methods to any host also registered to Satellite or Capsule and...