66 matches found

Source: CVE
added 2023/03/22 12:0 a.m. (70 views)

CVE-2023-27638

CVE-2023-27638 concerns the PrestaShop module tshirtecommerce (Custom Product Designer) v2.1.4. The issue is an unauthenticated SQL injection via the parameter tshirtecommerce_design_cart_id, caused by insecure handling of this input in the functions hookActionCartSave and updateCust...

CVSS 9.8 | AI score 9.6 | EPSS 0.32749
Exploits: 1 | References: 3 | Affected Software: 1
Source: CNNVD
added 2022/12/29 12:0 a.m. (4 views)

memos cross-site request forgery vulnerability

memos is an open-source, self-hosted memo hub with knowledge management and social features. memos suffers from a cross-site request forgery (CSRF) vulnerability, which attackers can exploit to manipulate the behavior of authenticated users by tricking them into clicking on malicious links or...

CVSS 6.5 | AI score 6.5 | EPSS 0.00114
Exploits: 1 | References: 3
Source: OSV
added 2022/11/09 6:15 a.m. (23 views)

CVE-2022-45060

An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce...

CVSS 7.5 | AI score 7
Exploits: 0 | References: 7
Source: UbuntuCve
added 2022/11/09 6:15 a.m. (33 views)

CVE-2022-45060

An HTTP Request Forgery issue was discovered in Varnish Cache 5.x and 6.x before 6.0.11, 7.x before 7.1.2, and 7.2.x before 7.2.1. An attacker may introduce characters through HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request line, causing the Varnish server to produce...

CVSS 7.5 | AI score 7.1 | EPSS 0.00833
Exploits: 0 | References: 5
Source: OSV
added 2022/09/22 12:0 a.m. (27 views)

GHSA-G43X-PCC9-F472 Jenkins Compuware Common Configuration Plugin vulnerable to Improper Restriction of XML External Entity Reference

Jenkins Compuware Common Configuration Plugin 1.0.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. This allows attackers able to change the contents of the Topaz Workbench CLI home directory on agents to have Jenkins parse a crafted file that uses...

CVSS 7.1 | AI score 9.3 | EPSS 0.01328
Exploits: 0 | References: 7
Source: Prion
added 2022/08/30 9:15 p.m. (25 views)

Cross site scripting

Dell EMC Data Protection Advisor versions 19.6 and earlier contain a stored cross-site scripting vulnerability. An attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript code in a trusted application data store. When a victim user accesses the data stor...

CVSS 4.9 | AI score 5.3 | EPSS 0.00232
Exploits: 0 | References: 1 | Affected Software: 1
Source: Prion
added 2022/08/12 3:15 p.m. (19 views)

Cross site request forgery (CSRF)

An issue was discovered in the webmail component in Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0. When using preauth, CSRF tokens are not checked on some POST endpoints. Thus, when an authenticated user views an attacker-controlled page, a request will be sent to the application that appears to ...

CVSS 3.5 | AI score 5.5 | EPSS 0.00449
Exploits: 0 | References: 2 | Affected Software: 1
Source: NVD
added 2022/08/10 5:15 p.m. (8 views)

CVE-2022-33929

Dell Wyse Management Suite 3.6.1 and below contains a reflected cross-site scripting vulnerability in the EndUserSummary page. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the...

CVSS 6.1 | EPSS 0.0067
Exploits: 0 | References: 1
Source: Cvelist
added 2022/06/27 12:10 p.m. (11 views)

CVE-2022-2216 Server-Side Request Forgery (SSRF) in ionicabizau/parse-url

Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 7.0.0...

CVSS 9.4 | AI score 9.8 | EPSS 0.00318
Exploits: 1 | References: 2
Source: CNVD
added 2022/06/27 12:0 a.m. (22 views)

OneBlog entryUrls parameter server-side request forgery vulnerability

OneBlog is a Java blog platform. Version v2.3.4 of OneBlog contains a server-side request forgery vulnerability: the entryUrls parameter fails to properly validate user input and can be exploited to probe the server's intranet resources...

CVSS 4.3 | AI score 3.7 | EPSS 0.00131
Exploits: 1 | References: 1
Source: Prion
added 2022/06/24 5:15 p.m. (17 views)

Cross site scripting

Dell Wyse Management Suite 3.6.1 and below contains a reflected cross-site scripting vulnerability in the saveGroupConfigurations page. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser ...

CVSS 3.5 | AI score 5.4 | EPSS 0.00597
Exploits: 0 | References: 1 | Affected Software: 1
Source: Prion
added 2022/06/02 9:15 p.m. (10 views)

Cross site scripting

Dell PowerStore versions before v2.1.1.0 contain a stored cross-site scripting vulnerability. A high-privileged network attacker could potentially exploit this vulnerability, leading to the storage of malicious HTML or JavaScript code in a trusted application data store. When a victim user...

CVSS 3.5 | AI score 5.2 | EPSS 0.00205
Exploits: 0 | References: 1 | Affected Software: 1
Source: Github Security Blog
added 2022/05/24 7:3 p.m. (13 views)

XML external entity vulnerability in Jenkins Nuget Plugin

Jenkins Nuget Plugin 1.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. This XML parser is used for the "Build on NuGet updates" feature. This allows attackers with the ability to control the contents of the packages.config file in a workspace to have...

CVSS 9.1 | AI score 8.6 | EPSS 0.00686
Exploits: 0 | References: 6 | Affected Software: 1
Source: Github Security Blog
added 2022/05/24 5:29 p.m. (12 views)

OATHAuth extension in MediaWiki does not implement rate limiting

An issue was discovered in the OATHAuth extension in MediaWiki before 1.31.9 and 1.32.x through 1.34.x before 1.34.3. For Wikis using OATHAuth on a farm/cluster such as via CentralAuth, rate limiting of OATH tokens is only done on a single site level. Thus, multiple requests can be made across ma...

CVSS 7.5 | AI score 6.2 | EPSS 0.00239
Exploits: 1 | References: 8 | Affected Software: 1
Source: OSV
added 2022/04/07 10:10 p.m. (17 views)

GHSA-GCJ7-J438-HJJ2 Smokescreen SSRF via deny list bypass

The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks, in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny access to additional (e.g., external) URLs by way of...

CVSS 5.8 | AI score 5.4 | EPSS 0.00206
Exploits: 0 | References: 4
Source: 0day.today
added 2022/04/06 12:0 a.m. (235 views)

Online Banquet Booking System 1.0 Cross Site Request Forgery Vulnerability

Exploit Title: Online Banquet Booking System - 'change admin credentials' Cross-Site Request Forgery (CSRF)
Date: 04/04/2022
Exploit Author: Saud Alenazi
Vendor Homepage: https://phpgurukul.com
Software Link: https://phpgurukul.com/online-banquet-booking-system-using-php-and-mysql/
Version: 1.0...

AI score 7.4
Exploits: 0
Source: OSV
added 2022/03/28 9:45 p.m. (8 views)

CVE-2022-24789 Deserialization of untrusted data in C1 CMS.

C1 CMS is an open-source, .NET-based Content Management System (CMS). Versions prior to 6.12 allow an authenticated user to exploit Server Side Request Forgery (SSRF) by causing the server to make arbitrary GET requests to other servers in the local network or on localhost. The attacker may also...

CVSS 7.6 | AI score 7.3 | EPSS 0.00266
Exploits: 0 | References: 4
Source: NVD
added 2022/03/17 9:15 p.m. (11 views)

CVE-2021-46107

Ligeo Archives Ligeo Basics as of 0201-2022 is vulnerable to Server Side Request Forgery (SSRF), which allows an attacker to read any documents via the download features...

CVSS 7.5 | EPSS 0.67178
Exploits: 1 | References: 2
Source: Packet Storm
added 2022/03/02 12:0 a.m. (283 views)

Xerte 3.9 Remote Code Execution

Exploit Title: Xerte 3.9 - Remote Code Execution (RCE) (Authenticated)
Date: 05/03/2021
Exploit Author: Rik Lutz
Vendor Homepage: https://xerte.org.uk
Software Link: https://github.com/thexerteproject/xerteonlinetoolkits/archive/refs/heads/3.8.5-33.zip
Version: up until version 3.9
Tested on: Windows...

AI score 8.8 | EPSS 0.14975
Exploits: 4
Source: Patchstack
added 2022/02/28 12:0 a.m. (13 views)

WordPress Flight Search Widget and Blocks plugin <= 1.1.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress Flight Search Widget and Blocks plugin versions <= 1.1.0. Solution: No patched version available...

AI score 3.5
Exploits: 0 | References: 2 | Affected Software: 1