132 matches found
CVE-2020-10560
An issue was discovered in Open Source Social Network OSSN through 5.3. A user-controlled file path with a weak cryptographic rand can be used to read any file with the permissions of the webserver. This can lead to further compromise. The attacker must conduct a brute-force attack against the...
CVE-2018-20889
cPanel before 74.0.0 allows certain file-read operations via password file caching SEC-425...
phpMyAdmin 4.0 < 4.8.5 Multiple Vulnerabilities (PMASA-2019-1), (PMASA-2019-2)
According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.0.x prior to 4.8.5. It is, therefore, affected by multiple vulnerabilities. - When AllowArbitraryServer configuration set to true, with the use of a rogue MySQL server, an attacker can read any...
CVE-2018-19858
PrinceXML, versions 10 and below, is vulnerable to XXE due to the lack of protection against external entities. If an attacker passes HTML referencing an XML file e.g., in an IFRAME element, PrinceXML will fetch the XML and parse it, thus giving an attacker file-read access and full-fledged SSRF...
CVE-2018-19858
PrinceXML, versions 10 and below, is vulnerable to XXE due to the lack of protection against external entities. If an attacker passes HTML referencing an XML file e.g., in an IFRAME element, PrinceXML will fetch the XML and parse it, thus giving an attacker file-read access and full-fledged SSRF...
Design/Logic Flaw
PrinceXML, versions 10 and below, is vulnerable to XXE due to the lack of protection against external entities. If an attacker passes HTML referencing an XML file e.g., in an IFRAME element, PrinceXML will fetch the XML and parse it, thus giving an attacker file-read access and full-fledged SSRF...
CVE-2018-19858
PrinceXML versions 10 and below are vulnerable to XXE due to missing protection against external entities. If an attacker supplies HTML referencing an XML file (for example via an IFRAME), PrinceXML will fetch and parse the XML, enabling file-read access and SSRF. No remediation details are provi...
CVE-2018-19858
PrinceXML, versions 10 and below, is vulnerable to XXE due to the lack of protection against external entities. If an attacker passes HTML referencing an XML file e.g., in an IFRAME element, PrinceXML will fetch the XML and parse it, thus giving an attacker file-read access and full-fledged SSRF...
Code injection
gitolite before commit fa06a34 might allow local users to read arbitrary files in repositories via vectors related to the user umask when running gitolite setup...
Unauthenticated Privileged Directory Traversal in IPConfigure Orchid Core VMS(CVE-2018-10956)
Affected Software: IPConfigure Orchid Core VMS All versions 2.0.6, tested on Linux and Windows Vulnerability: Unauthenticated Privileged Directory Traversal CVE: CVE-2018-10956 Impact: Arbitrary File Read Access Metasploit module:...
Security Bulletin: A security vulnerability in IBM Liberty affects IBM Algo One Algo Risk Application (ARA) CVE-2017-1681
Summary A security vulnerability in IBM Liberty affects IBM Algo One Algo Risk Application ARA CVE-2017-1681 Vulnerability Details CVEID: CVE-2017-1681 DESCRIPTION: IBM WebSphere Application Server IBM Liberty for Java for Bluemix 3.15 could allow a local attacker to obtain sensitive information,...
CVE-2018-3714
node-srv node module suffers from a Path Traversal vulnerability due to lack of validation of url, which allows a malicious user to read content of any file with known path...
XXE Zeroday Vulnerability in HP PPM
Intro: XXE Zeroday Vulnerability in HP PPM Researchers at Rhino Security Labs discovered an XXE vulnerability in the way HP Project and Portfolio Management Center HP PPM processed imported tickets. Specifically, an XML external entity injection vulnerability allows an attacker to exploit the...
CVE-2017-14101
A security researcher found an XML External Entity XXE vulnerability on the Conserus Image Repository archive solution version 2.1.1.105 by McKesson Medical Imaging Company, which is now a Change Healthcare company. An unauthenticated user supplying a modified HTTP SOAP request to the vulnerable...
Xxe
A security researcher found an XML External Entity XXE vulnerability on the Conserus Image Repository archive solution version 2.1.1.105 by McKesson Medical Imaging Company, which is now a Change Healthcare company. An unauthenticated user supplying a modified HTTP SOAP request to the vulnerable...
CVE-2017-14101
A security researcher found an XML External Entity XXE vulnerability on the Conserus Image Repository archive solution version 2.1.1.105 by McKesson Medical Imaging Company, which is now a Change Healthcare company. An unauthenticated user supplying a modified HTTP SOAP request to the vulnerable...
CVE-2017-14101
Affected product/brand: Change Healthcare Conserus Image Repository archive solution (version 2.1.1.105). Vulnerability type: XML External Entity (XXE) injection. Root cause / vector: Unauthenticated user can send a modified HTTP SOAP request to the vulnerable service to trigger XXE behavior. Imp...
CVE-2017-14101
A security researcher found an XML External Entity XXE vulnerability on the Conserus Image Repository archive solution version 2.1.1.105 by McKesson Medical Imaging Company, which is now a Change Healthcare company. An unauthenticated user supplying a modified HTTP SOAP request to the vulnerable...
CVE-2017-14947
Artifex GSView 6.0 Beta on Windows allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "Read Access Violation on Block Data Move starting at mupdfnet64!mIncrementalSaveFile+0x0000000000193359."...
Design/Logic Flaw
In SWFTools 2013-04-09-1007 on Windows, png2swf allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to a "Read Access Violation starting at image0000000000400000+0x000000000001b596."...