85 matches found
BIT-TYPO3-2020-11063
In TYPO3 CMS versions 10.4.0 and 10.4.1, it has been discovered that time-based attacks can be used with the password reset functionality for backend users. This allows an attacker to mount user enumeration based on email addresses assigned to backend user accounts. This has been fixed in 10.4.2...
Checkout Mestres WP < 7.1.9.8 - Authentication Bypass via Password Reset
Description: The plugin is vulnerable to authentication bypass due to a weak password reset functionality, allowing unauthenticated attackers to reset the password of arbitrary users to a guessable value based on the current time...
Amazon Linux 2 : openssl (ALAS-2023-1935)
The version of openssl installed on the remote host is prior to 1.0.2k-24. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1935 advisory. A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a...
CVE-2022-3907
The Clerk WordPress plugin before 4.0.0 is affected by time-based attacks in the validation function for all API requests due to the usage of comparison operators to verify API keys against the ones stored in the site options...
GHSA-VJXX-54VW-Q59F Moodle SSRF Vulnerability
The editblog.php script allows a registered user to add external RSS feed resources. It was identified that this feature could be abused as an SSRF attack vector by adding a malicious URL/TCP port in order to target the internal network or an internet-hosted server, bypassing firewall rules...
Potentially depositing at unfavorable rate since anyone can deposit the entire lenderPool to a known strategy at a pre-fixed time
Impact: An attacker could keep track of the totalSupply of each LenderPool to see if it is more than the minBorrowAmount. If so, at startTime, which is pre-announced, the attacker could call start, which will trigger SAVINGSACCOUNT.deposit of the entire pool...
SQL Injection
Dolibarr/dolibarr is vulnerable to SQL injection. An authenticated user with privileges to view customer orders could perform a Time Based attack via the POST parameter objectstatus in commande/stats/index.php...
Aptean Product Configurator Windows SQL Injection Vulnerability
Aptean Product Configurator is a product configurator from Aptean USA. Aptean Product Configurator Windows version 4.61.0000 suffers from a SQL injection vulnerability that stems from a time-based SQL injection affecting the nameTxt parameter on the main login page, aka cse?cmd=login. No details ...
PYSEC-2020-37
In django-basic-auth-ip-whitelist before 0.3.4, a potential timing attack exists on websites where the basic authentication is used or configured, i.e. BASIC_AUTH_LOGIN and BASIC_AUTH_PASSWORD are set. Currently the string comparison between configured credentials and the ones provided by users is...
CVE-2020-11063
TYPO3 CMS 10.4.0–10.4.1 contains a time-based information disclosure vulnerability in the backend password reset flow that lets an attacker enumerate backend users by email. The issue has been fixed in 10.4.2, as documented by CVE-2020-11063 sources (NVD/OSV/TYPO3 advisories). The CVSS base metr...
CVE-2020-8596
participants-database.php in the Participants Database plugin 1.9.5.5 and previous versions for WordPress has a time-based SQL injection vulnerability via the ascdesc, listfiltercount, or sortBy parameters. It is possible to exfiltrate data and potentially execute code if certain conditions are m...
50m-ctf: `Cody trolled us all` h1-702 CTF write-up
Premise I use not to play CTF challenges because they usually absorb me entirely. I cannot think of anything else but "I want that flag!". That said, this is going to be a long story: no princess, no dragoons, only a tweet. https://twitter.com/Hacker0x01/status/1100543680383832065 Level 0 - Nothi...
SQL injection
PHP Melody version 2.7.1 suffers from a time-based SQL injection on the page ajax.php via the playlist parameter...
CVE-2018-5211
PHP Melody version 2.7.1 suffers from a time-based SQL injection on the page ajax.php via the playlist parameter...
CVE-2018-5211
Consolidated details show CVE-2018-5211 affecting PHP Melody 2.7.1 with a SQL Injection vulnerability in ajax.php (playlist parameter). The issue is described with high/critical severity (NVD CVSS2 base 7.5, CVSS3 base 9.8). Multiple sources (NVD, CNVD/CVE lists, PRION, CVELIST) corroborate a tim...
Mirage – Fancy Clone - SQL Injection
In Mirage – Fancy Clone, parameter filtering is not strict, leading to a SQL injection vulnerability. If the target server has error display turned on, it can be used directly; if error display is turned off, the time-based and Boolean...
Code Injection (Timing Attack)
A modern web application relies on several different programming languages, which fall into two flavours: client-side languages that run in the browser, like JavaScript, and server-side languages that are executed by the server, like ASP,...
PHP Forum Script v3.0 - SQL Injection
In PHP Forum Script v3.0, parameter filtering is not strict, leading to a SQL injection vulnerability. If the target server has error display turned on, it can be used directly; if error display is turned off, the time-based and...
The vulnerability of the Thunderbird email client, which allows a malicious individual to gain access to confidential information
The Thunderbird email client contains a vulnerability related to errors in the implementation of the SVG filter. This vulnerability allows a malicious actor to gain access to confidential information about displacement and correlations, as well as to circumvent domain restriction policies. The...