186 matches found
Aimeos Laravel Ecommerce Platform 2021.10 LTS SQL Injection
Exploit Title: Aimeos Laravel ecommerce platform 2021.10 LTS - 'sort' SQL injection Date: 20/11/2021 Exploit Author: Ilker Burak ADIYAMAN Vendor Homepage: https://aimeos.org Software Link: https://aimeos.org/laravel-ecommerce-package Version: Aimeos 2021.10 LTS Tested on: MacOSX Description: The...
Aimeos Laravel ecommerce platform 2021.10 LTS - (sort) SQL injection Vulnerability
Exploit Title: Aimeos Laravel ecommerce platform 2021.10 LTS - 'sort' SQL injection Exploit Author: Ilker Burak ADIYAMAN Vendor Homepage: https://aimeos.org Software Link: https://aimeos.org/laravel-ecommerce-package Version: Aimeos 2021.10 LTS Tested on: MacOSX Description: The Aimeos E-Commerce...
DRUPAL-CORE-2021-008
Drupal's JSON:API and REST/File modules allow file uploads through their HTTP APIs. The modules do not correctly run all file validation, which causes an access bypass vulnerability. An attacker might be able to upload files that bypass the file validation process implemented by modules on the...
Drupal 代码问题漏洞
Drupal is an open source content management system developed by the Drupal community using the PHP language. A code issue exists in Drupal that is caused by improper access restrictions in the program's "JSON:API" module and "REST/File" module. A remote user could bypass the implemented security...
FortiSandbox - Predictable session IDs of JSON API
An instance of small space of random values in FortiSandbox RPC API may allow an attacker in possession of a few information pieces about the state of the device to possibly predict valid session IDs...
NiceHash Miner Excavator 1.6.7c Cross Site Request Forgery Vulnerability
NiceHash Miner Excavator versions 1.6.7c and below suffer from a cross site request forgery vulnerability. The issue enables any external web site to send commands to the local miner instance, and to redirect the mined coins to an arbitrary mining address. NiceHash Miner Excavator API Cross-Site...
NICER Protocol Deep Dive: Internet Exposure of etcd
Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet way back in January, we had no idea we'd end up with a hefty, 137-page tome of a research report. The sheer length of such a thing might put off folks who might otherwise learn a thin...
DRUPAL-CORE-2020-006
JSON:API PATCH requests may bypass validation for certain fields. By default, JSON:API works in a read-only mode which makes it impossible to exploit the vulnerability. Only sites that have the readonly set to FALSE under jsonapi.settings config are vulnerable...
PT-2020-6400 · Drupal · Drupal Core
Name of the Vulnerable Software and Affected Versions: Drupal Core versions prior to 8.8.8 Drupal Core versions prior to 8.9.1 Drupal Core versions prior to 9.0.1 Description: The issue is related to improper authorization in the Drupal Core JSON:API module when the read only setting is set to...
CVE-2020-12834
eQ-3 Homematic Central Control Unit CCU2 through 2.51.6 and CCU3 through 3.51.6 allow Remote Code Execution in the JSON API Method ReGa.runScript, by unauthenticated attackers with access to the web interface, due to the default auto-login feature being enabled during first-time setup or factory...
Design/Logic Flaw
eQ-3 Homematic Central Control Unit CCU2 through 2.51.6 and CCU3 through 3.51.6 allow Remote Code Execution in the JSON API Method ReGa.runScript, by unauthenticated attackers with access to the web interface, due to the default auto-login feature being enabled during first-time setup or factory...
CVE-2020-12834
The Red Hat CVE record confirms CVE-2020-12834 affects eQ-3 Homematic CCU2 (version 2.51.6 and earlier) and CCU3 (version 3.51.6 and earlier). The vulnerability enables Remote Code Execution via the JSON API method ReGa.runScript due to the default auto-login feature being enabled during initial ...
CVE-2020-12834
eQ-3 Homematic Central Control Unit CCU2 through 2.51.6 and CCU3 through 3.51.6 allow Remote Code Execution in the JSON API Method ReGa.runScript, by unauthenticated attackers with access to the web interface, due to the default auto-login feature being enabled during first-time setup or factory...
DRUPAL-CONTRIB-2020-010
This module provides a JSON API standards-compliant API for accessing and manipulating Drupal content and configuration entities. The security team and module maintainers are marking this project unsupported. Both the 8.x-1.x and 8.x-2.x versions are unsupported, and users of either version are...
JSON:API - Critical - Unsupported - SA-CONTRIB-2020-010
This module provides a JSON API standards-compliant API for accessing and manipulating Drupal content and configuration entities. The security team and module maintainers are marking this project unsupported. Both the 8.x-1.x and 8.x-2.x versions are unsupported, and users of either version are...
Fedora: Security Advisory for couchdb (FEDORA-2020-73bd8167a0)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 32 Update: couchdb-3.0.0-1.fc32
Apache CouchDB is a distributed, fault-tolerant and schema-free document-oriented database accessible via a RESTful HTTP/JSON API. Among other features, it provides robust, incremental replication with bi-directional conflict detection and resolution, and is queryable and indexable using a...
CVE-2019-19866
Atos Unify OpenScape UC Web Client V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows remote attackers to obtain sensitive information. By iterating the value of conferenceId to getMailFunction in the JSON API, one can enumerate all conferences scheduled on the platform, with...
CVE-2019-19866
Atos Unify OpenScape UC Web Client V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows remote attackers to obtain sensitive information. By iterating the value of conferenceId to getMailFunction in the JSON API, one can enumerate all conferences scheduled on the platform, with...
Design/Logic Flaw
Atos Unify OpenScape UC Web Client V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows remote attackers to obtain sensitive information. By iterating the value of conferenceId to getMailFunction in the JSON API, one can enumerate all conferences scheduled on the platform, with...