Steam Socialite Provider v1 does not correctly validate openid server

Impact The outdated version 1 of the Steam Socialite Provider doesn't check properly if the login comes from steamcommunity.com, allowing a malicious actor to substitute their own openID server. Patches This vulnerability only affects the outdated v1.x versions of the package. These are no longer...

U.S. Dept Of Defense: [CVE-2018-7600] Remote Code Execution due to outdated Drupal server on www.█████████

Summary Due to an outdated Drupal version, remote code execution is possible on www.█████ via CVE-2018-7600. Description Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple...

npm: sensitive information exposure through logs

Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like "://:@::/". The password value is not redacted and is printed to stdout and also to any generated log files...

PT-2020-6456 · Pulse · Pulse Connect Secure

Name of the Vulnerable Software and Affected Versions: Pulse Connect Secure versions prior to 9.1R8.2 Description: The issue is related to the Pulse Connect Secure admin web interface, where an authenticated attacker could potentially upload a custom template to execute arbitrary code. This is du...

Mozilla Thunderbird < 78.1

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 78.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-33 advisory. - Mozilla developers and community members Natalia Csoregi, Simon Giesecke, Jason Kratzer, Christian Holler...

JQuery < 1.9.0 XSS

According to the self-reported version in the script, the version of JQuery hosted on the remote web server is prior to 1.9.0. It is, therefore, affected by a cross site scripting vulnerability. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid135011; scriptversion"1.3...

Nextcloud: XSS in PDF Viewer

An outdated version of PDF.js in use allows for the CVE-2018-5158 vulnerability. When the payload PDF is shown in the supplied PDF viewer, it can execute arbitrary JavaScript. I have tested the payload PDF, and it is working in the Safari 13.0.5 the latest version and Firefox 74.0 the latest...

OMRON CX-Supervisor Vulnerable Third-Party Component Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Teamviewer tha...

WordPress facebook-for-woocommerce plugin cross-site request forgery vulnerability (CNVD-2019-30104)

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports personal blog sites on PHP and MySQL servers. facebook-for-woocommerce is a plug-in that enables marketing through Facebook. A cross-site request forgery vulnerability exis...

cPanel cross-site scripting vulnerability (CNVD-2019-28987)

cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. A cross-site scripting vulnerability exists in the listftpstable AP in versions prior to cPanel 60.0.25. The vulnerabili...

Mozilla Thunderbird < 60.7.2

The version of Thunderbird installed on the remote Windows host is prior to 60.7.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-20 advisory. - Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can...

Design/Logic Flaw

A vulnerability exists in Rancher 2.1.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legitimate users to visit...

Ruby on Rails 'CVE-2019-5418' LFI (Local File Inclusion) Vulnerability

The web application on the remote host is prone to a LFI Local File Inclusion vulnerability if the hosting system is running an outdated version of Ruby on Rails. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...

Discourse 'CVE-2019-5418' LFI Vulnerability - Active Check

Discourse is prone to a LFI Local File Inclusion vulnerability if the hosting system is running an outdated version of Ruby on Rails. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Apache Tomcat 7.0.0 < 7.0.70

The version of Tomcat installed on the remote host is prior to 7.0.70. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat7.0.70security-7 advisory. - The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70...

WakaTime: Using an outdated version of OpenSSH on db01.wakatime.com

Hii team once again, Hope you are better I have found that db01.wakatime.com is using an outdated version OpenSSH version leading to multiple vulnerability. How i find it I scanned the domain with nmap and it gives me a open port 222 and when i connect it with ncat it get connected and shows the...

Nextcloud: xss on demo.nextcloud.com due to outdated version

Hello. I found the possibility of introducing "html-tag" and of xss attack in the form of adding comments. Details video. Payload: Browser: Firefox 49.0 OS: Ubuntu 16.04...

IRCCloud: Exposed, outdated nginx server (v1.4.6) potentially vulnerable to heap-based buffer overflow & RCE

Summary ======== During my reconnaissance for your bug bounty program, I discovered an instance of nginx version 1.4.6 running at the IP address https://54.153.101.52. To locate it, I search for IRCCloud-related certificated and found the self-signed certificate for this server...

Drupal 6.x < 6.37 Multiple Vulnerabilities

Binary data 9215.prm...

Drupal 7.x < 7.38 Multiple Vulnerabilities

Binary data 9217.prm...