115 matches found

Positive Technologies · added 2020/08/25 12:00 a.m. · 3 views

PT-2020-14937 · Cellopoint · Cellopoint Cellos

Name of the Vulnerable Software and Affected Versions: Cellopoint Cellos version 4.1.10 Build 20190922. Description: The issue concerns improper validation of URL input. An attacker can manipulate the URL parameter using the cookie of an authenticated user to access arbitrary files on the system...

CVSS 6.5 · AI score 6.4 · EPSS 0.01098
Exploits: 0 · References: 3
Positive Technologies · added 2020/08/25 12:00 a.m. · 3 views

PT-2020-14935 · Cellopoint · Cellopoint Cellos

Name of the Vulnerable Software and Affected Versions: Cellopoint Cellos version 4.1.10 Build 20190922. Description: The issue arises from improper validation of URL input. An attacker can exploit this by injecting and remotely executing arbitrary commands to manipulate the system, provided they...

CVSS 9 · AI score 7.4 · EPSS 0.01927
Exploits: 0 · References: 3
CVE · added 2020/04/03 5:44 p.m. · 118 views

CVE-2020-7008

CVE-2020-7008 affects VISAM VBASE Editor 11.5.0.2 and VBASE Web-Remote Module. A path traversal vulnerability lets an attacker supply unverified URL input to read arbitrary local files. Red Hat and CVE records confirm the issue and ICS/CISA advisories reference the same affected products. Mitigat...

CVSS 7.5 · AI score 7.3 · EPSS 0.0186
Exploits: 0 · References: 1 · Affected Software: 2
NVD · added 2019/10/21 4:15 p.m. · 17 views

CVE-2019-16985

In FusionPBX up to v4.5.7, the file app\xmlcdr\xmlcdrdelete.php uses an unsanitized "rec" variable coming from the URL, which is base64 decoded and allows deletion of any file of the system...

CVSS 8.5 · AI score 6.5 · EPSS 0.0114
Exploits: 0 · References: 2
Hacker One · added 2019/08/29 9:32 a.m. · 47 views

GitLab: Stored XSS for Grafana dashboard URL

Hi GitLab Security Team. Summary: I found a stored XSS vulnerability in the admins page. The administrator can set up a Grafana dashboard. Here, the administrator can either enter a relative URL or an absolute address. However, when adding an absolute URL, the protocol is not checked, allowing to ad...

AI score 0.1
Exploits: 0
OSV · added 2019/08/14 2:15 p.m. · 1 view

CVE-2019-0337

Java Proxy Runtime of SAP NetWeaver Process Integration, versions 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs and allows an attacker to execute malicious scripts in the URL, thereby resulting in a Reflected Cross-Site Scripting (XSS) vulnerability...

CVSS 6.1 · AI score 5.9 · EPSS 0.00843
Exploits: 0 · References: 2
OSV · added 2019/02/04 7:29 p.m. · 2 views

DEBIAN-CVE-2019-7329

Reflected Cross-Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the form action on multiple views utilizes $_SERVER['PHP_SELF'] insecurely, mishandling any arbitrary input appended to the webroot URL, without any proper filtration, leading to XSS...

CVSS 6.1 · AI score 7.2 · EPSS 0.01019
Exploits: 1 · References: 1
OpenVAS · added 2018/12/17 12:00 a.m. · 51 views

WordPress Multiple Vulnerabilities (Dec 2018) - Linux

WordPress is prone to multiple vulnerabilities. Copyright (C) 2018 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

CVSS 9.8 · AI score 6.4 · EPSS 0.30887
Exploits: 1 · References: 2
Prion · added 2018/01/02 5:29 p.m. · 13 views

Directory traversal

Structured Data Linter versions 2.4.1 and older are vulnerable to a directory traversal attack in the URL input field, resulting in the possibility of disclosing information about the remote host...

CVSS 5 · AI score 7.4 · EPSS 0.0243
Exploits: 0 · References: 1 · Affected Software: 1
OSV · added 2018/01/02 5:29 p.m. · 16 views

CVE-2017-1000448

Structured Data Linter versions 2.4.1 and older are vulnerable to a directory traversal attack in the URL input field, resulting in the possibility of disclosing information about the remote host...

CVSS 7.5 · AI score 7.6
Exploits: 0 · References: 1
Cvelist · added 2018/01/02 5:00 p.m. · 19 views

CVE-2017-1000448

Structured Data Linter versions 2.4.1 and older are vulnerable to a directory traversal attack in the URL input field, resulting in the possibility of disclosing information about the remote host...

AI score 7.4 · EPSS 0.0243
Exploits: 0 · References: 1
CVE · added 2018/01/02 5:00 p.m. · 72 views

CVE-2017-1000448

CVE-2017-1000448 affects Structured Data Linter, versions 2.4.1 and older. The root cause is a directory traversal vulnerability in the URL input field, which can disclose information about the remote host. Public documentation in the provided sources confirms the vulnerability and affected versi...

CVSS 7.5 · AI score 7.4 · EPSS 0.0243
Exploits: 0 · References: 1 · Affected Software: 1
Veracode · added 2017/09/20 8:13 a.m. · 21 views

Open Redirect

phpBB is vulnerable to open redirects. The library does not properly check user input URLs, allowing a malicious user to redirect users using the Google Chrome browser to a malicious website...

CVSS 6.1 · AI score 6 · EPSS 0.02048
Exploits: 0 · References: 6 · Affected Software: 1
OSV · added 2017/05/11 3:15 p.m. · 1 view

USN-3275-1 openjdk-8 vulnerabilities

It was discovered that OpenJDK improperly re-used cached NTLM connections in some situations. A remote attacker could possibly use this to cause a Java application to perform actions with the credentials of a different user. (CVE-2017-3509) It was discovered that an untrusted library search path fl...

CVSS 7.7 · AI score 6.9 · EPSS 0.03311
Exploits: 2 · References: 7
Hacker One · added 2017/04/09 10:09 p.m. · 26 views

Radancy: XSS

https://werkenbijdefensie.nl/vacatures/kla03vc%3cimg%20src%3da%20onerror%3dalert1%3ehm505/bouw/ The value of the URL path folder 2 is copied into the HTML document as plain text between tags. The payload a03vchm505 was submitted in the URL path folder 2. This input was echoed unmodified in the...

AI score 0.2
Exploits: 0
Hacker One · added 2017/03/12 6:34 a.m. · 58 views

HackerOne: IE 11 Self-XSS on Jira Integration Preview Base Link

I wasn't sure if you would accept this report due to it being Self-XSS, but I figured it might be useful information because it breaks one of the flows used to validate URLs. Steps: 1. Launch IE 11. 2. Log into a HackerOne account that has admin on a program. 3. Go to the...

AI score 6.5
Exploits: 0
CNVD · added 2017/02/24 12:00 a.m. · 2 views

Kodi Local File Inclusion Vulnerability

Kodi (formerly XBMC) is a free and open source media player software application developed by the XBMC Foundation. Chorus is the web interface used to control and interact with Kodi. Kodi suffers from a local file inclusion vulnerability that stems from insufficient validation of user input performe...

AI score 6.7
Exploits: 0 · References: 1
Packet Storm · added 2015/12/22 12:00 a.m. · 30 views

Switch 4.68 Code Execution

Document Title: Switch v4.68 - Code Execution Vulnerability. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1649. Release Date: 2015-11-23. Vulnerability Laboratory ID (VL-ID): 1649. Common...

AI score 7.4
Exploits: 0
exploitpack · added 2015/08/27 12:00 a.m. · 16 views

FHFS - FTP/HTTP File Server 2.1.2 Remote Command Execution

FHFS - FTP/HTTP File Server 2.1.2 Remote Command Execution. #!/usr/bin/python. FHFS - FTP/HTTP File Server 2.1.2 Remote Command Execution. Author: Naser Farhadi. Date: 26 August 2015. Version: 2.1.2. Tested on: Windows 7 SP1 32 bit. Link: http://sourceforge.net/projects/fhfs/ Description: FHFS is a FTP...

AI score 7.7
Exploits: 0
0day.today · added 2014/11/13 12:00 a.m. · 24 views

SupportEzzy Ticket System WordPress Plugin Stored XSS Vulnerability

SupportEzzy is an elegant support ticket system and FAQ portal for WordPress. This is a stand-alone AngularJS app which runs on a single WordPress page of your website. This app does not interfere with your existing theme and plugins and will work with any kind of WordPress website. You can use...

AI score 7
Exploits: 0