699 matches found
DEBIAN-CVE-2019-12086
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint, the service has the mysql-connector-java jar 8.0.14 or earlier in the classpath, and an...
CVE-2018-1623
IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 144408...
Vanilla: Unsanitized user photo paths allow local file read
Summary: When we register a new user, we can set the photo of user. If we set a milicious path, we can delete the profile photo of others Description: There is an episode of register. applications/dashboard/controllers/class.entrycontroller.php private function registerBasic $this-View =...
GHSA-5P52-J8PW-J7X5 Improper Restriction of XML External Entity Reference in bedework:bw-webdav
Apereo Bedework bw-webdav before 4.0.3 allows XXE attacks, as demonstrated by an invite-reply document that reads a local file, related to webdav/servlet/common/MethodBase.java and webdav/servlet/common/PostRequestPars.java...
Apereo Bedework bw-webdav XML External Entity Injection Vulnerability
Apereo Bedework bw-webdav is a general purpose webdav server. It is primarily used to interact with the backend to access resources. A security vulnerability exists in Apereo Bedework bw-webdav versions prior to 4.0.3. An attacker can exploit this vulnerability to perform an XML external entity...
CVE-2018-1505
IBM i2 Enterprise Insight Analysis 2.1.7 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 141413...
CVE-2018-1505
IBM i2 Enterprise Insight Analysis 2.1.7 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 141413...
GHSA-3PPH-2595-CGFH There is a XML external entity expansion (XXE) vulnerability in Apache Solr
This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion XXE in the &dataConfig= parameter of Solr's DataImportHandler. It can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the...
GHSA-7PX3-6F6G-HXCJ XML external entity expansion in org.apache.solr:solr-core
This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion XXE in Solr config files currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file. In addition, Xinclude functionality provided in these config files is als...
h1-5411-CTF: MemeCTF serial exploitation to local file read to Papertrail access via API-token leakage and more
Hi there dear CTF staff! First of all a huge thank you for the great challenge you put up! I've found it super exciting and the learning curve has been steep. For this case, I was first wondering if this is a part of the actual CTF, but after some inspecting, it surely doesn't seem so! I did even...
h1-5411-CTF: H1-5411 CTF Writeup
So, Hackerone posted a tweet about the Meme CTF Where barcode was in the tweet image by scanning it and decoding from hex I found this link : https://h1-5411.h1ctf.com/ where we can create/generate a memes and for generating the meme this was used form GitHub which i found in source code analysis...
h1-5411-CTF: RCE via Local File Read -> php unserialization-> XXE -> unpickling
Summary: It was possible to escalate to Remote Code Execution via different bugs such as local file read, php object injection, XML External Entity and Un-Pickling of Python serialized object. Description: Using local file read it was discovered that the php code was vulnerable to php object...
openSUSE Security Update : cups (openSUSE-2018-852)
This update for cups fixes the following issues : The following security vulnerabilities were fixed : - Fixed a local privilege escalation to root and sandbox bypasses in the scheduler - CVE-2018-4180: Fixed a local privilege escalation to root in dnssd backend bsc1096405 - CVE-2018-4181: Limited...
CVE-2018-8026
This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion XXE in Solr config files currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file. In addition, Xinclude functionality provided in these config files is als...
JasperReports - Authenticated File Read Vulnerability
Exploit for multiple platform in category web applications TIBCO’s JasperReports string = wrapper.getParameterValues"page" To: getResource @ DirResourceSet.java:101 file = new File/home/rhino/jasperreports...mcat/webapps/jasperserver,"/WEB-INF/jsp/modules/administer/adminImport.jsp" Due to a lack...
ModbusPal XML External Entity Injection Vulnerability
ModbusPal is a MODBUS simulator written in Java with a replicated MODBUS environment. An XML external entity injection vulnerability exists in ModbusPal version 1.6b. A remote attacker can exploit this vulnerability by sending a specially crafted .xmpp or .xmpa file to the user to obtain the...
Nagios XI Directory Traversal Vulnerability
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI version 5.4.13. An attacker can exploit the vulnerability to...
chromium-browser: Lack of meaningful user interaction requirement before file upload
Inappropriate dismissal of file picker on keyboard events in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to read local files via a crafted HTML page...
DEBIAN-CVE-2018-1308
This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion XXE in the &dataConfig= parameter of Solr's DataImportHandler. It can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the...
CVE-2017-1756
IBM Business Process Manager 8.6 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 135856...