7821 matches found

Veracode · added 2023/07/23 7:3 a.m. · 27 views

Improper Input Validation

gitlab is vulnerable to Improper input validation. A remote attacker with developer privileges is able to read protected group or project CI/CD variables by importing a malicious project...

CVSS 6.5 · AI score 6.8 · EPSS 0.01085
Exploits 0 · References 4 · Affected software 1
Packet Storm · added 2023/07/20 12:00 a.m. · 253 views

PimpMyLog 1.7.14 Improper Access Control

Exploit Title: PimpMyLog v1.7.14 - Improper access control Date: 2023-07-10 Exploit Author: thoughtfault Vendor Homepage: https://www.pimpmylog.com/ Software Link: https://github.com/potsky/PimpMyLog Version: 1.5.2-1.7.14 Tested on: Ubuntu 22.04 CVE : N/A Description: PimpMyLog suffers from...

AI score 7.1
Exploits 0
0day.today · added 2023/07/19 12:00 a.m. · 246 views

PimpMyLog v1.7.14 - Improper access control Exploit

Exploit Title: PimpMyLog v1.7.14 - Improper access control Exploit Author: thoughtfault Vendor Homepage: https://www.pimpmylog.com/ Software Link: https://github.com/potsky/PimpMyLog Version: 1.5.2-1.7.14 Tested on: Ubuntu 22.04 CVE : N/A Description: PimpMyLog suffers from improper access contro...

AI score 7.1
Exploits 0
Exploit DB · added 2023/07/19 12:00 a.m. · 228 views

PimpMyLog v1.7.14 - Improper access control

Exploit Title: PimpMyLog v1.7.14 - Improper access control Date: 2023-07-10 Exploit Author: thoughtfault Vendor Homepage: https://www.pimpmylog.com/ Software Link: https://github.com/potsky/PimpMyLog Version: 1.5.2-1.7.14 Tested on: Ubuntu 22.04 CVE : N/A Description: PimpMyLog suffers from...

AI score 7.4
Exploits 0
OSV · added 2023/07/14 6:31 a.m. · 1 view

GHSA-7GJ7-224W-VPR3 Spring-boot-admin sandbox bypass via crafted HTML

Thymeleaf through 3.1.1.RELEASE as used in spring-boot-admin aka Spring Boot Admin through 3.1.1 allows for a sandbox bypass via crafted HTML. This may be relevant for SSTI Server Side Template Injection and code execution in spring-boot-admin if MailNotifier is enabled and there is write access ...

CVSS 7.5 · AI score 6.2 · EPSS 0.00875
Exploits 1 · References 9
ATTACKERKB · added 2023/07/14 5:15 a.m. · 5 views

CVE-2023-38286

Thymeleaf through 3.1.1.RELEASE, as used in spring-boot-admin aka Spring Boot Admin through 3.1.1 and other products, allows sandbox bypass via crafted HTML. This may be relevant for SSTI Server Side Template Injection and code execution in spring-boot-admin if MailNotifier is enabled and there i...

CVSS 7.5 · AI score 7.5 · EPSS 0.00875
Exploits 1 · References 2
Prion · added 2023/07/14 5:15 a.m. · 23 views

Design/Logic Flaw

Thymeleaf through 3.1.1.RELEASE, as used in spring-boot-admin aka Spring Boot Admin through 3.1.1 and other products, allows sandbox bypass via crafted HTML. This may be relevant for SSTI Server Side Template Injection and code execution in spring-boot-admin if MailNotifier is enabled and there i...

CVSS 4.6 · AI score 7.9 · EPSS 0.00875
Exploits 1 · References 1 · Affected software 2
Joomla! Vulnerable Extensions List · added 2023/07/14 12:00 a.m. · 65 views

[20231101] - Core - Exposure of environment variables

Joomla! CMS versions 1.6.0-4.4.0, 5.0.0...

CVSS 7.5 · AI score 7.1 · EPSS 0.00811
Exploits 0 · Affected software 1
CNNVD · added 2023/07/14 12:00 a.m. · 4 views

Thymeleaf command injection vulnerability

Thymeleaf-Spring5 is an open source modern server-side Java template engine for web and standalone environments from the Thymeleaf team. A security vulnerability exists in Thymeleaf version 3.1.1.RELEASE and prior versions. An attacker can exploit the vulnerability to gain write access to...

CVSS 7.5 · AI score 7.3 · EPSS 0.00875
Exploits 1 · References 4
Cvelist · added 2023/07/14 12:00 a.m. · 30 views

CVE-2023-38286

Thymeleaf through 3.1.1.RELEASE, as used in spring-boot-admin aka Spring Boot Admin through 3.1.1 and other products, allows sandbox bypass via crafted HTML. This may be relevant for SSTI Server Side Template Injection and code execution in spring-boot-admin if MailNotifier is enabled and there i...

AI score 8 · EPSS 0.00875
Exploits 1 · References 1
CVE · added 2023/07/14 12:00 a.m. · 72 views

CVE-2023-38286

Thymeleaf 3.1.1.RELEASE (used in Spring Boot Admin up to 3.1.1) is affected by a sandbox bypass via crafted HTML, enabling potential SSTI and code execution if MailNotifier is enabled with write access to environment variables in the UI. Affected products: Thymeleaf 3.1.1.RELEASE and Spring Boot ...

CVSS 7.5 · AI score 7.8 · EPSS 0.00875
Exploits 1 · References 1 · Affected software 2
Github Security Blog · added 2023/07/06 8:40 p.m. · 28 views

ethyca-fides Webserver API Path Traversal vulnerability

Impact A path traversal directory traversal vulnerability affects fides versions lower than 2.15.1, allowing remote attackers to access arbitrary files on the fides webserver container's filesystem. Patches The vulnerability is patched in fides 2.15.1. Users should upgrade to this version...

CVSS 7.5 · AI score 7 · EPSS 0.0109
Exploits 0 · References 6 · Affected software 1
OSV · added 2023/07/06 8:40 p.m. · 28 views

GHSA-R25M-CR6V-P9HQ ethyca-fides Webserver API Path Traversal vulnerability

Impact A path traversal directory traversal vulnerability affects fides versions lower than 2.15.1, allowing remote attackers to access arbitrary files on the fides webserver container's filesystem. Patches The vulnerability is patched in fides 2.15.1. Users should upgrade to this version...

CVSS 7.5 · AI score 7.5 · EPSS 0.0109
Exploits 0 · References 6
Github Security Blog · added 2023/07/06 7:24 p.m. · 24 views

Hashicorp Nomad ACLs Cannot Deny Access to Workload’s Own Variables

A vulnerability was identified in Nomad and Nomad Enterprise “Nomad” such that a deny ACL capability could not be applied to a workload’s own variables. If included, the Nomad ACL system will silently fail to block access. This vulnerability, CVE-2023-1296, was fixed in Nomad 1.4.6 and 1.5.1...

CVSS 5.3 · AI score 6.7 · EPSS 0.0054
Exploits 0 · References 3 · Affected software 1
OSV · added 2023/07/06 3:15 p.m. · 1 view

CVE-2023-37132

A stored cross-site scripting XSS vulnerability in the custom variables module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVSS 5.4 · AI score 5.9 · EPSS 0.00297
Exploits 1 · References 1
NVD · added 2023/07/06 3:15 p.m. · 10 views

CVE-2023-37132

A stored cross-site scripting XSS vulnerability in the custom variables module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVSS 5.4 · AI score 5.3 · EPSS 0.00297
Exploits 1 · References 1
ATTACKERKB · added 2023/07/06 3:15 p.m. · 4 views

CVE-2023-37132

A stored cross-site scripting XSS vulnerability in the custom variables module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVSS 5.4 · AI score 6.2 · EPSS 0.00297
Exploits 1 · References 2
Prion · added 2023/07/06 3:15 p.m. · 21 views

Buffer overflow

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVSS 5.8 · AI score 7.5 · EPSS 0.01318
Exploits 1 · References 1 · Affected software 1
Prion · added 2023/07/06 3:15 p.m. · 19 views

Buffer overflow

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVSS 5.8 · AI score 7.5 · EPSS 0.01318
Exploits 1 · References 1 · Affected software 1
Positive Technologies · added 2023/07/06 12:00 a.m. · 5 views

PT-2023-25794 · Eyoucms · Eyoucms

Name of the Vulnerable Software and Affected Versions: eyoucms version 1.6.3 Description: A stored cross-site scripting XSS issue in the custom variables module allows attackers to execute arbitrary web scripts or HTML via a crafted payload. This could potentially lead to the execution of malicio...

CVSS 5.4 · AI score 5.4 · EPSS 0.00297
Exploits 1 · References 3