CVE-2022-30622

Disclosure of information - the system allows you to view usernames and passwords without permissions, thus it will be possible to enter the system. Path access: http://api/sysusernamepasswd.cmd - The server loads the request clearly by default. Disclosure of hard-coded credit information within...

CVE-2022-34475

SVG use tags that referenced a same-origin document could have resulted in script execution if attacker input was sanitized via the HTML Sanitizer API. This would have required the attacker to reference a same-origin JavaScript file containing the script to be executed. This vulnerability affects...

Stripo Inc: Non-revoked API Key Information disclosure via Stripo_report()

Talking about 983331 reports where a security researcher reported secret API key leakage vulnerability in a JavaScript file at Stripo. This report is disclosed on HackerOne, and the team at Stripo have forgotten to blur the API keys from the report before disclosing it to the public. The API keys...

GHSA-3PX5-WJH3-9X6R Mautic stored Cross-site Scripting (XSS)

Mautic before 3.2.4 is affected by stored XSS. An attacker with access to Social Monitoring, an application feature, could attack other users, including administrators. For example, an attacker could load an externally drafted JavaScript file that would allow them to eventually perform actions on...

Mautic stored Cross-site Scripting (XSS)

Mautic before 3.2.4 is affected by stored XSS. An attacker with access to Social Monitoring, an application feature, could attack other users, including administrators. For example, an attacker could load an externally drafted JavaScript file that would allow them to eventually perform actions on...

minimist 安全漏洞

minimist is a command-line parameter parsing tool. minimist suffers from a security vulnerability that stems from vulnerability to prototype contamination via the file index.js, function setKey. No details of the vulnerability are currently available...

U.S. Dept Of Defense: Authorization bypass -> IDOR -> PII Leakage

Hi team! During testing ████ I found javascript file containing administrative panel functionality. It is accessible at: https://████/█████████ In this file I found an end point responsible for returning data about applications of the website users to the website administrators. The returned data...

New GootLoader Campaign Targets Accounting, Law Firms

Once prolific spreaders of REvil ransomware, the GootLoader malware gang has pivoted to actively targeting employees of law and accounting firms with malicious downloads. The Threat Response Unit from eSentire issued an alert about having over the past three weeks observed GootLoader attacks on...

Haklistgen - Turns Any Junk Text Into A Usable Wordlist For Brute-Forcing

Turns any junk text into a usable wordlist for brute-forcing. Installation go install github.com/hakluke/haklistgen@latest Usage Examples Scrape all words out of an HTTP response to build a directory bruteforce wordlist: curl https://wikipedia.org | haklistgen Pipe a list of subdomains to it to...

Snyk theme-core command injection vulnerability

Snyk theme-core is a plug-in that provides nmp packages for an application from Snyk USA. theme-core suffers from a command injection vulnerability that stems from are vulnerable to command injection via the lib utils.js file...

Mautic cross-site scripting vulnerability (CNVD-2021-08891)

Mautic is an open source marketing automation software. The software monitors and manages websites, sends emails and manages customer resources. A cross-site scripting vulnerability exists in versions prior to Mautic 3.2.4, which can be exploited by an attacker to load an external JavaScript file...

CVE-2020-35129

Mautic before 3.2.4 is affected by stored XSS. An attacker with access to Social Monitoring, an application feature, could attack other users, including administrators. For example, an attacker could load an externally drafted JavaScript file that would allow them to eventually perform actions on...

SAP BusinessObjects Business Intelligence 跨站脚本漏洞

SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration products, data management products, and business intelligence BI products to eliminate system integration challenges and deploy...

Systeminformation Command Injection Vulnerability

systeminformation is an Npm repository of operating system information for individual developers. A command injection vulnerability exists in systeminformation versions prior to 4.27.11, which allows an attacker to concatenate curl arguments to overwrite a Javascript file and then execute all OS...

DEBIAN-CVE-2020-7752

This affects the package systeminformation before 4.27.11. This package is vulnerable to Command Injection. The attacker can concatenate curl's parameters to overwrite Javascript files and then execute any OS commands...

CVE-2020-26583

An issue was discovered in Sage DPW 202006x before 202006002. It allows unauthenticated users to upload JavaScript in a file via the expenses claiming functionality. However, to view the file, authentication is required. By exploiting this vulnerability, an attacker can persistently include...

CVE-2020-26583

An issue was discovered in Sage DPW 202006x before 202006002. It allows unauthenticated users to upload JavaScript in a file via the expenses claiming functionality. However, to view the file, authentication is required. By exploiting this vulnerability, an attacker can persistently include...

CVE-2020-13260

A vulnerability in the web-based management interface of RAD SecFlow-1v through 2020-05-21 could allow an authenticated attacker to upload a JavaScript file, with a stored XSS payload, that will remain stored in the system as an OVPN file in Configuration-Services-Security-OpenVPN-Config or as th...

CVE-2020-13260

A vulnerability in the web-based management interface of RAD SecFlow-1v through 2020-05-21 could allow an authenticated attacker to upload a JavaScript file, with a stored XSS payload, that will remain stored in the system as an OVPN file in Configuration-Services-Security-OpenVPN-Config or as th...

CVE-2020-13260

The CVE-2020-13260 entry concerns RAD SecFlow-1v web-based management interface (SF_0290_2.3.01.26). A vulnerability allows an authenticated attacker to upload a JavaScript file as a stored XSS payload, which is saved in the system as an OVPN config or a static key file. The payload executes when...