332 matches found

Veracode
added 2022/04/07 6:29 a.m., 4 views

Information Disclosure

github.com/ipfs/go-ipfs is vulnerable to information disclosure. The vulnerability exists in docker-compose.yaml because the resulting list of listeners when running IPFS are either public or bound to public IPs which allows an attacker to gain admin API access to the IPFS node and control user...

6.9 AI score
Exploits 0
NVD
added 2022/02/11 1:15 p.m., 27 views

CVE-2022-24112

An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX with default API key is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different...

9.8 CVSS, 0.94439 EPSS
Exploits 16, References 5
Prion
added 2022/02/11 1:15 p.m., 26 views

Default configuration

An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX with default API key is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different...

7.5 CVSS, 9.6 AI score, 0.94439 EPSS
Exploits 16, References 4, Affected Software 1
ATTACKERKB
added 2022/02/11 12:00 a.m., 95 views

CVE-2022-24112

An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX with default API key is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different...

9.8 CVSS, 9.6 AI score, 0.94439 EPSS
In wild, Exploits 16, References 6
Positive Technologies
added 2022/02/11 12:00 a.m., 5 views

PT-2022-2569

Name of the Vulnerable Software and Affected Versions: Apache APISIX versions 2.12.1 Description: The issue concerns an authentication bypass vulnerability in Apache APISIX, where an attacker can exploit the batch-requests plugin to send requests and bypass the IP restriction of the Admin API. Th...

10 CVSS, 10 AI score, 0.94439 EPSS
Exploits 16, References 34
OSV
added 2022/02/08 3:15 p.m., 0 views

UBUNTU-CVE-2021-45327

Gitea before 1.11.2 is affected by Trusting HTTP Permission Methods on the Server Side when referencing the vulnerable admin or user API, which could let a remote malicious user execute arbitrary code...

9.8 CVSS, 7.5 AI score, 0.02283 EPSS
Exploits 0, References 6
Prion
added 2022/02/01 1:15 p.m., 12 views

Design/Logic Flaw

In Apache Pulsar it is possible to access data from BookKeeper that does not belong to the topics accessible by the authenticated user. The Admin API get-message-by-id requires the user to input a topic and a ledger id. The ledger id is a pointer to the data, and it is supposed to be a valid it f...

4 CVSS, 6.2 AI score, 0.00979 EPSS
Exploits 1, References 3, Affected Software 1
Cvelist
added 2022/02/01 12:40 p.m., 16 views

CVE-2021-41571 Pulsar Admin API allows access to data from other tenants using getMessageById API

In Apache Pulsar it is possible to access data from BookKeeper that does not belong to the topics accessible by the authenticated user. The Admin API get-message-by-id requires the user to input a topic and a ledger id. The ledger id is a pointer to the data, and it is supposed to be a valid it f...

6.4 AI score, 0.00979 EPSS
Exploits 1, References 3
CVE
added 2022/02/01 12:40 p.m., 83 views

CVE-2021-41571

CVE-2021-41571 affects Apache Pulsar. The vulnerability arises from improper validation of the ledger id in the Admin API get-message-by-id, allowing a user to read BookKeeper data for tenants other than their own via the topic- and ledger-id context. Affected versions include Pulsar 2.8.0 and ol...

6.5 CVSS, 6.2 AI score, 0.00979 EPSS
Exploits 1, References 3, Affected Software 1
RedHat Linux
added 2022/01/17 9:33 p.m., 0 views

Keycloak: Incorrect authorization allows unprivileged users to create other users

A flaw was found in Keycloak version from 12.0.0 and before 15.1.1 which allows an attacker with any existing user account to create new default user accounts via the administrative REST API even when new user registration is disabled...

8.8 CVSS, 5.7 AI score, 0.00428 EPSS
Exploits 0, References 6
OSV
added 2022/01/06 6:32 p.m., 0 views

GHSA-83X4-9CWR-5487 Improper Authorization in Keycloak

An incorrect authorization flaw was found in Keycloak 12.0.0. The flaw allows an attacker with any existing user account to create new default user accounts via the administrative REST API even where new user registration is disabled...

8.8 CVSS, 5.8 AI score, 0.00428 EPSS
Exploits 0, References 6
CNNVD
added 2021/09/09 12:00 a.m., 2 views

MipCMS Cross-Site Request Forgery Vulnerability

MipCMS is a software application: a content management system built on the Baidu Mobile Accelerator (MIP) that also serves as an SEO site-building system. MipCMS version 5.0.1 has a security vulnerability that stems from the software's lack of valid validation...

6.5 CVSS, 6.5 AI score, 0.00116 EPSS
Exploits 1, References 2
Github Security Blog
added 2021/09/08 6:00 p.m., 34 views

Exposure of Sensitive Information to an Unauthorized Actor

Shopware is an open source eCommerce platform. In versions prior to 6.4.1.1 the admin API exposed some internal hidden fields when an association was loaded with a to-many reference. Users are recommended to update to version 6.4.1.1. You can get the update to 6.4.1.1 regularly via the...

4.9 CVSS, 4.1 AI score, 0.00308 EPSS
Exploits 0, References 5, Affected Software 1
Packet Storm
added 2021/08/16 12:00 a.m., 184 views

CentOS Web Panel 0.9.8.1081 Cross Site Scripting

Exploit Title: CentOS Web Panel 0.9.8.1081 - Stored Cross-Site Scripting XSS Date: 13/08/2021 Exploit Author: Dinesh Mohanty Vendor Homepage: http://centos-webpanel.com Software Link: http://centos-webpanel.com Version: v0.9.8.1081 Tested on: CentOS 7 and 8 Description: Multiple Stored Cross Site...

7.4 AI score
Exploits 0
Exploit DB
added 2021/08/16 12:00 a.m., 246 views

CentOS Web Panel 0.9.8.1081 - Stored Cross-Site Scripting (XSS)

Exploit Title: CentOS Web Panel 0.9.8.1081 - Stored Cross-Site Scripting XSS Date: 13/08/2021 Exploit Author: Dinesh Mohanty Vendor Homepage: http://centos-webpanel.com Software Link: http://centos-webpanel.com Version: v0.9.8.1081 Tested on: CentOS 7 and 8 Description: Multiple Stored Cross Site...

7.4 AI score
Exploits 0
OSV
added 2021/07/09 7:15 p.m., 11 views

CVE-2021-32753

EdgeX Foundry is an open source project for building a common open framework for internet-of-things edge computing. A vulnerability exists in the Edinburgh, Fuji, Geneva, and Hanoi versions of the software. When the EdgeX API gateway is configured for OAuth2 authentication and a proxy user is...

6.5 CVSS, 7.1 AI score
Exploits 0, References 2
Cvelist
added 2021/07/09 7:05 p.m., 13 views

CVE-2021-32753 Weak password in API gateway in EdgeX Foundry Edinburgh, Fuji, Geneva, and Hanoi releases allows remote attackers to obtain authentication token via dictionary-based password attack when OAuth2 authentication method is enabled.

EdgeX Foundry is an open source project for building a common open framework for internet-of-things edge computing. A vulnerability exists in the Edinburgh, Fuji, Geneva, and Hanoi versions of the software. When the EdgeX API gateway is configured for OAuth2 authentication and a proxy user is...

8.3 CVSS, 8.5 AI score, 0.00309 EPSS
Exploits 0, References 2
Cvelist
added 2021/06/29 8:22 p.m., 25 views

CVE-2021-35941

Western Digital WD My Book Live 2.x and later and WD My Book Live Duo all versions have an administrator API that can perform a system factory restore without authentication, as exploited in the wild in June 2021, a different vulnerability than CVE-2018-18472...

8.2 AI score, 0.00601 EPSS
Exploits 1, References 2
VulnCheck KEV
added 2021/06/29 12:00 a.m., 0 views

VulnCheck KEV: CVE-2021-35941

Western Digital WD My Book Live 2.x and later and WD My Book Live Duo all versions have an administrator API that can perform a system factory restore without authentication, as exploited in the wild in June 2021, a different vulnerability than CVE-2018-18472...

10 CVSS, 7.2 AI score, 0.07875 EPSS
Exploits 1, References 1
Github Security Blog
added 2021/06/28 6:20 p.m., 39 views

Internal hidden fields are visible on to-many associations in admin API

Impact: The admin API has exposed some internal hidden fields when an association has been loaded with a to-many reference. Patches: We recommend updating to the current version 6.4.1.1. You can get the update to 6.4.1.1 regularly via the Auto-Updater or directly via the download overview...

2.6 AI score
Exploits 0, References 2, Affected Software 2