CVE-2024-28722

CVE-2024-28722 affects Innovaphone myPBX v12r2–14r1. A cross-site scripting flaw allows a remote attacker to trigger arbitrary code execution via the query parameter to /CMD0/xml_modes.xml. Impact notes from sources indicate web UI/scriptable context with potential credential concerns in related ...

PT-2024-22540 · Innovaphone · Innovaphone Pbx

Name of the Vulnerable Software and Affected Versions: Innovaphone myPBX versions 12r2 through 14r1 Description: The issue allows a remote attacker to execute arbitrary code via the query parameter to the "/CMD0/xml modes.xml" endpoint. This enables the attacker to perform actions such as injecti...

CVE-2024-28722

Cross Site Scripting vulnerability in Innovaphone myPBX v.14r1, v.13r3, v.12r2 allows a remote attacker to execute arbitrary code via the query parameter to the /CMD0/xmlmodes.xml endpoint...

Keycloak vulnerable to session hijacking via re-authentication

A flaw was found in Keycloak. An active keycloak session can be hijacked by initiating a new authentication having the query parameter prompt=login and forcing the user to enter his credentials once again. If the user cancels this re-authentication by clicking Restart login, the account takeover...

GHSA-2WRP-6FG6-HMC5 Spring Framework URL Parsing with Host Validation

Applications that use UriComponentsBuilder to parse an externally provided URL e.g. through a query parameter AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is...

CVE-2024-22262

Applications that use UriComponentsBuilder to parse an externally provided URL e.g. through a query parameter AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is...

Remote Code Execution (RCE)

aim is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper user access restriction to the RunView object, allowing for the execution of arbitrary code via a crafted query parameter to the /api/runs/search/run/ endpoint...

CVE-2024-30214

The application allows a high privilege attacker to append a malicious GET query parameter to Service invocations, which are reflected in the server response. Under certain circumstances, if the parameter contains a JavaScript, the script could be processed on client side...

CVE-2024-30214 Cross-Site Scripting (XSS) vulnerability in SAP Business Connector

The application allows a high privilege attacker to append a malicious GET query parameter to Service invocations, which are reflected in the server response. Under certain circumstances, if the parameter contains a JavaScript, the script could be processed on client side...

CVE-2024-28867

Swift Prometheus is a Swift client for the Prometheus monitoring system, supporting counters, gauges and histograms. In code which applies un-sanitized string values into metric names or labels, an attacker could make use of this and send a ?lang query parameter containing newlines, or similar...

Security Bulletin: Vulnerability in Spring Data MongoDB might affect IBM Storage Copy Data Management. [CVE-2022-22980]

Summary IBM Storage Copy Data Management can be affected by a vulnerability in Spring Data MongoDB. A remote attacker could exploit this vulnerability to execute arbitrary code on the system as described by the CVEs in the "Vulnerability Details" section. Vulnerability Details CVEID:CVE-2022-2298...

CVE-2023-40275

An issue was discovered in OpenClinic GA 5.247.01. It allows retrieval of patient lists via queries such as findFirstname= to common/search/searchByAjax/patientslistShow.jsp...

CVE-2024-22259 CVE-2024-22259: Spring Framework URL Parsing with Host Validation (2nd report)

Applications that use UriComponentsBuilder in Spring Framework to parse an externally provided URL e.g. through a query parameter AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF...

MHA Sistemas arMHAzena Security Vulnerabilities

MHA Sistemas arMHAzena is a platform from MHA Sistemas USA. It allows for the centralized management of multiple sites and logistics operations at the same time. A security vulnerability exists in MHA Sistemas arMHAzena version 9.6.0.0, which stems from the parameter Query of the component Cadast...

BIT-GOLANG-2022-2880 Incorrect sanitization of forwarded query parameters in net/http/httputil

Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparsable value. After fix, ReverseProxy sanitizes the quer...

CentOS 9 : grafana-9.0.9-2.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the grafana-9.0.9-2.el9 build changelog. - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by...

PT-2024-15675 · WordPress · The Awesome Support – Wordpress Helpdesk & Support Plugin

Name of the Vulnerable Software and Affected Versions: The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress versions up to, and including, 6.1.7 Description: The issue is related to a union-based SQL Injection vulnerability via the q parameter of the wpas get users actio...

CVE-2023-5372

The post-authentication command injection vulnerability in Zyxel NAS326 firmware versions through V5.21AAZF.15C0 and NAS542 firmware versions through V5.21ABAG.12C0 could allow an authenticated attacker with administrator privileges to execute some operating system OS commands by sending a crafte...

CVE-2023-5372

The post-authentication command injection vulnerability in Zyxel NAS326 firmware versions through V5.21AAZF.15C0 and NAS542 firmware versions through V5.21ABAG.12C0 could allow an authenticated attacker with administrator privileges to execute some operating system OS commands by sending a crafte...

RHCOS 4 : OpenShift Container Platform 4.12.3 (RHSA-2023:0727)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0727 advisory. - golang: archive/tar: github.com/vbatts/tar-split: unbounded memory consumption when reading headers CVE-2022-2879 - golang:...