Lucene search
+L

156 matches found

wpexploit
wpexploit
added 2022/08/31 12:0 a.m.627 views

Generate PDF using Contact Form 7 < 3.6 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. 1 - Install and activate "Generate PDF using Contact Form 7 Version 3.5" 2 - Click on "Contact - Add new...

4.8CVSS0.5AI score0.00544EPSS
Exploits2
hackerone
hackerone
added 2022/07/06 2:31 p.m.10 views

U.S. Dept Of Defense: SSRF in Functional Administrative Support Tool pdf generator (████) [HtUS]

Summary: I found that it is possible to inject a javascript payload during the PDF form creation process, which is then executed by the checklist application server. Vulnerable Software: Functional Administrative Support Tool FAST v1.0 Intro: ██████████ Administrative clerks create a dynamic acti...

Exploits0
nvd
nvd
added 2022/04/11 8:15 p.m.15 views

CVE-2022-1067

Navigating to a specific URL with a patient ID number will result in the server generating a PDF of a lab report without authentication and rate limiting...

6.5CVSS0.0085EPSS
Exploits0References1
prion
prion
added 2022/04/11 8:15 p.m.13 views

Authentication flaw

Navigating to a specific URL with a patient ID number will result in the server generating a PDF of a lab report without authentication and rate limiting...

4CVSS6.5AI score0.0085EPSS
Exploits0References1Affected Software1
cve
cve
added 2022/04/11 7:38 p.m.80 views

CVE-2022-1067

The CVE-2022-1067 issue affects LifePoint Informatics Patient Portal (Product: LifePoint Informatics Patient Portal; Affected Version: LPI 3.5.12.P30). It is an Authentication Bypass using an alternate path or channel (CWE-288) where navigating to a URL with a patient ID causes the server to gene...

6.5CVSS6.5AI score0.0085EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2022/04/11 7:38 p.m.16 views

CVE-2022-1067 ICSMA-22-095-01 LifePoint Informatics Patient Portal

Navigating to a specific URL with a patient ID number will result in the server generating a PDF of a lab report without authentication and rate limiting...

6.5CVSS6.7AI score0.0085EPSS
Exploits0References1
osv
osv
added 2022/01/12 7:15 p.m.24 views

CVE-2021-42560

An issue was discovered in CALDERA 2.9.0. The Debrief plugin receives base64 encoded "SVG" parameters when generating a PDF document. These SVG documents are parsed in an unsafe manner and can be leveraged for XXE attacks e.g., File Exfiltration, Server Side Request Forgery, Out of Band...

8.8CVSS6.9AI score0.02148EPSS
Exploits1References2
cnnvd
cnnvd
added 2022/01/12 12:0 a.m.7 views

Caldera 代码问题漏洞

Caldera is a suite of software from the French company Caldera that provides color management, imaging and processing solutions for printer devices. A code issue exists in Caldera where the Debrief plug-in receives base64-encoded "SVG" parameters that are parsed incorrectly when the product...

8.8CVSS8AI score0.02148EPSS
Exploits1References3
nvd
nvd
added 2020/11/24 5:15 p.m.26 views

CVE-2020-24815

A Server-Side Request Forgery SSRF affecting the PDF generation in MicroStrategy 10.4, 2019 before Update 6, and 2020 before Update 2 allows authenticated users to access the content of internal network resources or leak files from the local system via HTML containers embedded in a...

6.5CVSS6.3AI score0.01836EPSS
Exploits1References2
prion
prion
added 2020/11/24 5:15 p.m.15 views

Server side request forgery (ssrf)

A Server-Side Request Forgery SSRF affecting the PDF generation in MicroStrategy 10.4, 2019 before Update 6, and 2020 before Update 2 allows authenticated users to access the content of internal network resources or leak files from the local system via HTML containers embedded in a...

4CVSS6.3AI score0.01836EPSS
Exploits1References3Affected Software1
cvelist
cvelist
added 2020/11/24 4:48 p.m.24 views

CVE-2020-24815

A Server-Side Request Forgery SSRF affecting the PDF generation in MicroStrategy 10.4, 2019 before Update 6, and 2020 before Update 2 allows authenticated users to access the content of internal network resources or leak files from the local system via HTML containers embedded in a...

6.3AI score0.01836EPSS
Exploits1References2
cve
cve
added 2020/11/24 4:48 p.m.48 views

CVE-2020-24815

CVE-2020-24815 describes a Server-Side Request Forgery (SSRF) in MicroStrategy’s PDF generation. Affected products are MicroStrategy 10.4, 2019 before Update 6, and 2020 before Update 2. The vulnerability allows an authenticated user to access internal network resources or leak files from the loc...

6.5CVSS6.3AI score0.01836EPSS
Exploits1References2Affected Software1
ptsecurity
ptsecurity
added 2020/11/24 12:0 a.m.1 views

PT-2020-15840

Name of the Vulnerable Software and Affected Versions MicroStrategy versions 10.4, 2019 before Update 6, and 2020 before Update 2 Description A Server-Side Request Forgery SSRF issue affects the PDF generation, allowing authenticated users to access internal network resources or leak local system...

6.5CVSS6.6AI score0.01836EPSS
Exploits1References9
osv
osv
added 2020/03/30 6:15 p.m.3 views

CVE-2020-8509

Zoho ManageEngine Desktop Central before 10.0.483 allows unauthenticated users to access PDFGenerationServlet, leading to sensitive information disclosure...

7.5CVSS7.1AI score0.10362EPSS
Exploits0References1
centos
centos
added 2020/01/28 9:28 p.m.102 views

python security update

CentOS Errata and Security Advisory CESA-2020:0195 An update for python-reportlab is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

9.8CVSS7.5AI score0.10231EPSS
Exploits1References7
redhat
redhat
added 2020/01/27 8:42 a.m.70 views

Important: Red Hat Security Advisory: python-reportlab security update

An update for python-reportlab is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

9.8CVSS7.5AI score0.10231EPSS
Exploits1References2
hackerone
hackerone
added 2020/01/22 10:20 a.m.267 views

h1-ctf: [h1-415 2020] H1-415 CTF Writeup by W--

H1-415 CTF Writeup Intro HackerOne kicked off this year's H1-415 CTF with the following tweet: F692033 Loading the target challenge website shows that the website is called My Docz Converter. A quick look at the challenge website shows that it allows users to register an account and then upload a...

0.2AI score
Exploits0
hackerone
hackerone
added 2020/01/21 11:32 p.m.225 views

h1-ctf: [h1-415 2020] finally

add or chars behind Joberts email, which leaks on the login page 2. register a new account using that email 3. sign out and use the recover feature with the just generated qr code. this will get you into Joberts account 3. head to /support and submit a blind XSS payload which extracts the...

6.2AI score
Exploits0
hackerone
hackerone
added 2019/11/23 11:15 p.m.9 views

U.S. Dept Of Defense: Unprotected ██████ and Test site API Exposes Documents, Credentials, and Emails in ██████████ Proposal System

Summary: The test/integration API of the █████ web services is publicly exposed: disclosing documents, emails, and credentials to what appears to be the Seaport Bid proposal system. Because I did not attempt any exploitation outside of that necessary to deem this a reportable issue, it is not cle...

Exploits0
nvd
nvd
added 2019/03/27 6:29 p.m.45 views

CVE-2019-1000031

A disk space or quota exhaustion issue exists in article2pdfgetfile.php in the article2pdf Wordpress plugin 0.24, 0.25, 0.26, 0.27. Visiting PDF generation link but not following the redirect will leave behind a PDF file on disk which will never be deleted by the plug-in...

7.5CVSS7.5AI score0.0373EPSS
Exploits2References3
Rows per page
Query Builder