314 matches found
OpenTelemetry Instrumentation for Java Information Disclosure Vulnerability
OpenTelemetry Instrumentation for Java is an OpenTelemetry open source Java agent JAR. An information disclosure vulnerability exists in OpenTelemetry Instrumentation for Java prior to version 1.28.0, which stems from the fact that when detecting a SES POST request, the request's query parameter ...
Social-Commerce 3.1.6 Cross Site Scripting
Exploit Title: Social-Commerce 3.1.6 - Reflected XSS Exploit Author: CraCkEr Date: 28/07/2023 Vendor: mooSocial Vendor Homepage: https://moosocial.com/ Software Link: https://social-commerce.moosocial.com/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE: CVE-2023-4174...
CVE-2023-36255
An issue in Eramba Limited Eramba Enterprise and Community edition v.3.19.1 allows a remote attacker to execute arbitrary code via the path parameter in the URL...
U.S. Dept Of Defense: Adobe ColdFusion Access Control Bypass - CVE-2023-38205
A vulnerability in Adobe ColdFusion was discovered that allowed bypassing access controls by using malicious path traversal in URLs targeting the /CFIDE/wizards/common/utils.cfc endpoint. This enabled attackers to reach endpoints that should have been restricted. The issue affected Adobe ColdFusi...
Gira KNX/IP-Router Path Traversal Vulnerability
The Gira KNX/IP-Router is a secure router for public buildings from Gira. A security vulnerability exists in Gira KNX/IP-Router versions 3.1.3683.0 and 3.3.8.0, which stems from a vulnerability that allows an attacker to read sensitive files via a directory traversal sequence in a URL...
URL Restriction Bypass
Description In attempting to fix a previous issue, the PATTERNUSERINFO regular expression was changed. This change introduced another way to bypass the URL allowlist by introducing non-alphanumeric characters into the user information part of the URL. Proof of Concept Run PlantUML with...
CVE-2023-29837
Cross Site Scripting vulnerability found in Exelysis Unified Communication Solution EUCS v.1.0 allows a remote attacker to gain privileges via the URL path of the eucsAdmin login web page...
Cross site scripting
Cross Site Scripting vulnerability found in Exelysis Unified Communication Solution EUCS v.1.0 allows a remote attacker to gain privileges via the URL path of the eucsAdmin login web page...
CVE-2023-29837
The CVE describes a Cross-Site Scripting (XSS) vulnerability in Exelysis Unified Communication Solution (EUCS) v1.0. The issue affects the eucsAdmin login web page, where an attacker can craft a URL path to execute scripts, potentially enabling remote privilege gain. The NVD/CVE metadata indicate...
Directorist < 7.5.4 - Admin+ LFI
The plugin is vulnerable to Local File Inclusion as it does not validate the file parameter when importing CSV files. This PoC will work on Linux systems. 1. Navigate to the URL path: /wp-admin/edit.php?posttype=atbizdir&page=tools&step=2&file=/etc/passwd&delimiter=; 2. You will be presented wit...
NewStart CGSL CORE 5.05 / MAIN 5.05 : python Multiple Vulnerabilities (NS-SA-2023-0008)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python packages installed that are affected by multiple vulnerabilities: - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker...
K6924: Insertion of special characters in URL path circumvents Accessibility Scope and Access Control Lists
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
CVE-2023-26265
The Borg theme before 1.1.19 for Backdrop CMS does not sufficiently sanitize path arguments that are passed in via a URL. The function borgpreprocesspage in the file template.php does not properly sanitize incoming path arguments before using them...
Exploit for CVE-2020-13933
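CVE-2020-13933 test range. Shiro permission configuration: when a /res/ resource is requested, a 302 redirects to the login page for authentication - NameController.java: · /res/name: requests the resource named name (triggers authentication) · /res/: requests no resource (does not trigger authentication). Test range verification: when no resource name is specified in the request route, authentication is not triggered and no resource is returned: http://127.0.0.1:8080/res/ When a resource name is specified in the request route, a 302 redirects to the authentication page: http://127.0.0.1:8080/res/poc Construct a specific PoC...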
SUSE CVE-2021-29492
Envoy is a cloud-native edge/middle/service proxy. Envoy does not decode escaped slash sequences %2F and %5C in HTTP URL paths in versions 1.18.2 and before. A remote attacker may craft a path with escaped slashes, e.g. /something%2F..%2Fadmin, to bypass access control, e.g. a block on /admin. A...
IBM Cloud Pak for Multicloud Management Monitoring has an unspecified vulnerability (CNVD-2023-08052)
IBM Cloud Pak for Multicloud Management is an application from International Business Machines IBM, Inc. used to manage the default functionality of multi-cloud environments. A security vulnerability exists in IBM Cloud Pak for Multicloud Management Monitoring version 2.0, version 2.3. An attacke...
CVE-2022-42438
CVE-2022-42438 affects IBM Cloud Pak for Multicloud Management Monitoring 2.0 and 2.3. A root cause of the issue is an insufficient restriction of a directory path, allowing users without admin roles to access admin functions by specifying direct URL paths. Supported details from connected source...
U.S. Dept Of Defense: XSS on ( █████████.gov ) Via URL path
An XSS vulnerability was discovered on a government website, allowing an attacker to execute malicious code on the victim's browser and steal their cookies, potentially leading to account takeover. The vulnerability was exploited by injecting a script into the URL path. The suggested mitigation i...