CVE-2025-22385

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. For newly created accounts, the Commerce B2B application does not require email confirmation. This medium-severity issue allows the mass creation of accounts. This could affect database storage; also, non-requested...

CVE-2024-45232

An issue was discovered in powermail extension through 12.3.5 for TYPO3. It fails to validate the mail parameter of the confirmationAction, resulting in Insecure Direct Object Reference IDOR. An unauthenticated attacker can use this to display the user-submitted data of all forms persisted by the...

PT-2024-31490 · Typo3 · Powermail

Name of the Vulnerable Software and Affected Versions: powermail extension versions prior to 7.5.0 powermail extension versions prior to 8.5.0 powermail extension versions prior to 10.9.0 powermail extension versions prior to 12.4.0 Description: An issue was discovered in the powermail extension...

GO-2023-1685 HashiCorp Vault’s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File in github.com/hashicorp/vault

HashiCorp Vault’s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File in github.com/hashicorp/vault...

GHSA-GPPG-GQW8-WH9G litellm vulnerable to remote code execution based on using eval unsafely

BerriAI/litellm version v1.35.8 contains a vulnerability where an attacker can achieve remote code execution. The vulnerability exists in the adddeployment function, which decodes and decrypts environment variables from base64 and assigns them to os.environ. An attacker can exploit this by sendin...

CVE-2024-3624

CVE-2024-3624 concerns Quay’s mirror-registry where database credentials are stored in plain-text in the Jinja config.yaml. The issue, documented in multiple sources, states that a malicious actor with access to that file can gain access to Quay’s database. The connected PT-2024-3593 advisory con...

CVE-2024-3625

A flaw was found in Quay, where Quay's database is stored in plain text in mirror-registry on Jinja's config.yaml file. This issue leaves the possibility of a malicious actor with access to this file to gain access to Quay's Redis instance...

BIT-VAULT-2023-0620 Vault Vulnerable to SQL Injection When Configuring the Microsoft SQL Database Storage Backend

HashiCorp Vault and Vault Enterprise versions 0.8.0 through 1.13.1 are vulnerable to an SQL injection attack when configuring the Microsoft SQL MSSQL Database Storage Backend. When configuring the MSSQL plugin through the local, certain parameters are not sanitized when passed to the user-provide...

GHSA-7M8G-FPRR-47FX phpMyFAQ vulnerable to stored XSS on attachments filename

Summary Unsafe echo of filename in phpMyFAQ\phpmyfaq\admin\attachments.php leading to allow execute JavaScript code in client side XSS Details On that snippet code of rendering the file attachments from user tables id ?" title="thema ?" id ? filename ? recordlang ? filesize ? mimetype ? The data...

Cross site scripting

Label Studio is an a popular open source data labeling tool. Versions prior to 1.9.2 have a cross-site scripting XSS vulnerability that could be exploited when an authenticated user uploads a crafted image file for their avatar that gets rendered as a HTML file on the website. Executing arbitrary...

CloudRecon - Finding assets from certificates

CloudRecon Finding assets from certificates! Scan the web! Tool presented @DEFCON 31 Install You must have CGO enabled, and may have to install gcc to run CloudRecon sudo apt install gcc go install github.com/g0ldencybersec/CloudRecon@latest Description CloudRecon CloudRecon is a suite of tools f...

PT-2024-18979 · Unknown · Prestashop

Name of the Vulnerable Software and Affected Versions: PrestaShop versions prior to 8.1.3 Description: PrestaShop is an open-source e-commerce platform. The issue arises because the isCleanHtml method is not used on a specific form, allowing the storage of a cross-site scripting payload in the...

CVE-2023-41335

Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. When users update their passwords, the new credentials may be briefly held in the server database. While this doesn't grant the server any added capabilities—it already learns the users' passwords as...

CVE-2023-41335

CVE-2023-41335 affects the Synapse Matrix homeserver. When users update passwords, the new credentials may be briefly held in the server’s database, potentially ending up in backups longer than expected. The issue does not grant new capabilities but violates expectations around password storage. ...

GHSA-4F74-84V3-J9Q5 matrix-synapse vulnerable to temporary storage of plaintext passwords during password changes

Impact When users update their passwords, the new credentials may be briefly held in the server database. While this doesn't grant the server any added capabilities—it already learns the users' passwords as part of the authentication process—it does disrupt the expectation that passwords won't be...

Cross site scripting

Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that allow an attacker to store on database and then load on JSPs or Angular templates. The solution is to upgrade to Meridian 2023.1....

SUSE CVE-2023-29454

Stored or persistent cross-site scripting XSS is a type of XSS where the attacker first sends the payload to the web application, then the application saves the payload e.g., in a database or server-side text files, and finally, the application unintentionally executes the payload for every victi...

CVE-2023-0620

HashiCorp Vault and Vault Enterprise versions 0.8.0 through 1.13.1 are vulnerable to an SQL injection attack when configuring the Microsoft SQL MSSQL Database Storage Backend. When configuring the MSSQL plugin through the local, certain parameters are not sanitized when passed to the user-provide...

Sql injection

HashiCorp Vault and Vault Enterprise versions 0.8.0 through 1.13.1 are vulnerable to an SQL injection attack when configuring the Microsoft SQL MSSQL Database Storage Backend. When configuring the MSSQL plugin through the local, certain parameters are not sanitized when passed to the user-provide...

CVE-2023-0620

HashiCorp Vault/Vault Enterprise versions 0.8.0–1.13.1 are vulnerable to SQL injection when configuring the Microsoft SQL (MSSQL) Database Storage Backend. In the MSSQL plugin configuration, certain parameters are not sanitized before being passed to the backend, allowing a local attacker to modi...