ImpressCMS 1.4.2 - Remote Code Execution (Authenticated) Exploit
Exploit Title: ImpressCMS 1.4.2 - Remote Code Execution (RCE) (Authenticated) Exploit Author: Halit AKAYDIN (hLtAkydn) Vendor Homepage: https://www.impresscms.org/ Software Link: https://www.impresscms.org/modules/downloads/ Version: 1.4.2 Category: Webapps Tested on: Linux/Windows ImpressCMS is a...
ImpressCMS 1.4.2 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: ImpressCMS 1.4.2 - Remote Code Execution (RCE) (Authenticated) Date: 15-09-2021 Exploit Author: Halit AKAYDIN (hLtAkydn) Vendor Homepage: https://www.impresscms.org/ Software Link: https://www.impresscms.org/modules/downloads/ Version: 1.4.2 Category: Webapps Tested on: Linux/Windows...
Pro-PRC Influence Campaign Expands to Dozens of Social Media Platforms, Websites, and Forums in at Least Seven Languages, Attempted to Physically Mobilize Protesters in the U.S.
In June 2019, Mandiant Threat Intelligence first reported to customers a pro-People’s Republic of China (PRC) network of hundreds of inauthentic accounts on Twitter, Facebook, and YouTube that was at that time primarily focused on discrediting pro-democracy protests in Hong Kong. Since then, the...
SQL Injection Vulnerability in SEMCMS PHP (Multilingual) Version (CNVD-2021-28831)
SEMCMS PHP multilingual version is an open source website management system for foreign trade enterprises, compatible with IE, Firefox and other mainstream browsers. The SEMCMS PHP multilingual version has an SQL injection vulnerability; an attacker can use t...
[SECURITY] Fedora 32 Update: lout-3.40-18.fc32
Lout is a document formatting system designed and implemented by Jeffrey Kingston at the Basser Department of Computer Science, University of Sydney, Australia. The system reads a high-level description of a document similar in style to LaTeX and produces a PostScript file which can be printed on...
[SECURITY] Fedora 33 Update: lout-3.40-18.fc33
Lout is a document formatting system designed and implemented by Jeffrey Kingston at the Basser Department of Computer Science, University of Sydney, Australia. The system reads a high-level description of a document similar in style to LaTeX and produces a PostScript file which can be printed on...
Fedora: Security Advisory for lout (FEDORA-2020-869cd99560)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
glib2, ibus security update
CentOS Errata and Security Advisory CESA-2020:3978 An update for glib2 and ibus is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...
Moderate: Red Hat Security Advisory: glib2 and ibus security and bug fix update
An update for glib2 and ibus is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
[SECURITY] Fedora 31 Update: roundcubemail-1.4.8-1.fc31
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
[SECURITY] Fedora 31 Update: roundcubemail-1.4.7-1.fc31
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
[SECURITY] Fedora 31 Update: roundcubemail-1.4.6-1.fc31
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
Internationalization - Moderately critical - Cross site scripting - SA-CONTRIB-2020-025
The Internationalization (i18n) module is a collection of modules that extend Drupal core multilingual capabilities and allow building real-life multilingual sites. A value in the term translation module is displayed without being escaped, leading to a Cross Site Scripting (XSS) vulnerability. This...
The vulnerability of the input system for writing multiple languages in Unix-like operating systems, such as ibus, allows an intruder to gain unauthorized access to information and compromise its integrity.
The vulnerability of the input system for writing multiple languages in Unix-like operating systems, such as ibus, is related to the lack of authentication when the DBus server is configured incorrectly. Exploiting this vulnerability can allow a malicious individual to gain unauthorized access to...
[SECURITY] Fedora 30 Update: roundcubemail-1.4.4-1.fc30
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
[SECURITY] Fedora 32 Update: roundcubemail-1.4.4-1.fc32
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
Moderate: Red Hat Security Advisory: ibus and glib2 security and bug fix update
An update for glib2 and ibus is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
SQL Injection Vulnerability in Rookie Enterprise Website System
The Rookie enterprise website system can be used for free, including for commercial purposes, with no time limit. The system is fully functional in the background and easy to operate, and can run in pseudo-static and pure static modes, which is conducive to SEO optimization; the front can be set to display...
WordPress sitepress-multilingual-cms cross-site request forgery vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. The sitepress-multilingual-cms (WPML) plugin is a website multilingual support plugin used in it. A cross-site request forgery vulnerability...
CVE-2020-10568
The sitepress-multilingual-cms (WPML) plugin before 4.3.7-b.2 for WordPress has CSRF due to a loose comparison. This leads to remote code execution in includes/class-wp-installer.php via a series of requests that leverage unintended comparisons of integers to strings...