Stored xss in module FAQ News

Description When admins create a FAQ News they can pass xss to the "text of the record" section Proof of Concept 1.Login to admin account 2.In the CONTENT section, click on FAQ News 3.Add any type of source code and notice select Faq status as published 4.Turn on intercept with burp and click sav...

CVE-2023-25934

DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature vulnerability. A network attacker with an ability to intercept the request could potentially exploit this vulnerability to modify the body data of the request...

CVE-2023-25934

DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature vulnerability. A network attacker with an ability to intercept the request could potentially exploit this vulnerability to modify the body data of the request...

The vulnerability of microprogrammed medical devices’ Illumina Universal Copy Service, related to the reliance on open IP addresses, allows a intruder to intercept network traffic and remotely send arbitrary commands.

The vulnerability of microprogrammed medical devices with the Illumina Universal Copy Service is related to their reliance on open IP addresses. Exploiting this vulnerability allows a malicious actor to remotely intercept network traffic and also to send arbitrary commands remotely...

The vulnerability of the IEEE 802.11 protocol lies in its ability to intercept the data transmitted by devices and replace the MAC addresses of targets, allowing attackers to perform spoofing attacks.

The vulnerability of the IEEE 802.11 protocol lies in the ability to intercept the frames transmitted by the device and to replace the MAC address of the target device. Exploiting this vulnerability allows a malicious actor to perform spoofing attacks remotely...

CVE-2023-29680

Cleartext Transmission in set-cookie:ecospw: Tenda N301 v6.0, Firmware v12.02.01.61multi allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password...

CVE-2023-29681

Cleartext Transmission in cookie:ecospw: in Tenda N301 v6.0, firmware v12.03.01.06pt allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password...

Default credentials

Cleartext Transmission in set-cookie:ecospw: Tenda N301 v6.0, Firmware v12.02.01.61multi allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password...

CVE-2023-2197 Vault Enterprise Vulnerable to Padding Oracle Attacks When Using a CBC-based Encryption Mechanism with a HSM

HashiCorp Vault Enterprise 1.13.0 up to 1.13.1 is vulnerable to a padding oracle attack when using an HSM in conjunction with the CKMAESCBCPAD or CKMAESCBC encryption mechanisms. An attacker with privileges to modify storage and restart Vault may be able to intercept or modify cipher text in orde...

CVE-2023-29681

Cleartext Transmission in cookie:ecospw: in Tenda N301 v6.0, firmware v12.03.01.06pt allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password...

CVE-2023-29681

CVE-2023-29681 affects the Tenda N301 router (v6.0) with firmware v12.03.01.06_pt. The issue is cleartext transmission in the cookie ecos_pw, enabling an authenticated attacker on the LAN/WLAN to intercept router communications and obtain the password. Red Hat advisories corroborate the same cook...

The vulnerability of the microprogrammed software of Schneider Electric Ritto Wiser Door sensor, related to information disclosure during data exchange, allows a intruder to intercept the session.

The vulnerability of Schneider Electric Ritto Wiser Door door sensors’ microprogramming software is related to the disclosure of information during data exchange. Exploiting this vulnerability could allow a intruder to intercept a session...

Bit Form < 1.9 - RCE via Unauthenticated Arbitrary File Upload

The plugin does not validate the file types uploaded via it's file upload form field, allowing unauthenticated users to upload arbitrary files types such as PHP or HTML files to the server, leading to Remote Code Execution. As an unauthenticated user access a form containing a File Upload form...

CVE-2023-29002 Debug mode leaks confidential data in Cilium

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When run in debug mode, Cilium will log the contents of the cilium-secrets namespace. This could include data such as TLS private keys for Ingress and GatewayAPI resources. An attacker with access to debug...

SUSE CVE-2022-47522

The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept possibly cleartext target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending other frames to the access point such as authentication...

CVE-2022-47522

The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept possibly cleartext target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending other frames to the access point such as authentication...

SonicWall SonicWave Secure Wireless Access Points 安全漏洞

SonicWall SonicWave Secure Wireless Access Points are a line of wireless access devices from SonicWall. A security vulnerability exists in SonicWall SonicWave Secure Wireless Access Points that originated from allowing a physically proximate attacker to intercept target frames by spoofing the...

CVE-2022-47522

CVE-2022-47522 affects Siemens SCALANCE/W-series wireless devices (e.g., W721-1, W722-1, W734-1, W738-1, W748-1, W761-1, W774-1, W778-1, W786-1/2, W788-1/2, WAM/ WUM lines) across multiple SKUs. The vulnerability concerns how IEEE 802.11 allows a physically proximate attacker to interfere with a ...

CVE-2023-27746

BlackVue DR750-2CH LTE v.1.0122022.10.26 was discovered to contain a weak default passphrase which can be easily cracked via a brute force attack if the WPA2 handshake is intercepted...

CVE-2023-29054

A vulnerability has been identified in SCALANCE X200-4P IRT All versions V5.5.2, SCALANCE X201-3P IRT All versions V5.5.2, SCALANCE X201-3P IRT PRO All versions V5.5.2, SCALANCE X202-2IRT All versions V5.5.2, SCALANCE X202-2IRT All versions V5.5.2, SCALANCE X202-2P IRT All versions V5.5.2, SCALAN...