
164 matches found

OSV | added 2022/04/13 8:55 p.m. | 33 views

CVE-2022-24818 Unchecked JNDI lookups in GeoTools

GeoTools is an open source Java library that provides tools for geospatial data. The GeoTools library has a number of data sources that can perform unchecked JNDI lookups, which in turn can be used to perform class deserialization and result in arbitrary code execution. Similar to the Log4J case,...

CVSS 8.2 | AI score 7.5 | EPSS 0.02286
Exploits 0 | References 4
Veracode | added 2022/03/24 7:58 a.m. | 31 views

Information Disclosure

github.com/argoproj/argo-cd is vulnerable to information disclosure. The vulnerability exists in application resource APIs because the access controls are not properly handled which allows an attacker to escalate their privileges to admin-level and access the sensitive information...

CVSS 9.9 | AI score 2.9 | EPSS 0.01201
Exploits 0 | References 5 | Affected Software 1
NVD | added 2022/02/14 10:15 p.m. | 13 views

CVE-2021-4201

Missing access control in ForgeRock Access Management 7.1.0 and earlier versions on all platforms allows remote unauthenticated attackers to hijack sessions, including potentially admin-level sessions. This issue affects: ForgeRock Access Management 7.1 versions prior to 7.1.1; 6.5 versions prior...

CVSS 9.8 | EPSS 0.01947
Exploits 0 | References 1
Prion | added 2022/02/14 10:15 p.m. | 13 views

Improper access control

Missing access control in ForgeRock Access Management 7.1.0 and earlier versions on all platforms allows remote unauthenticated attackers to hijack sessions, including potentially admin-level sessions. This issue affects: ForgeRock Access Management 7.1 versions prior to 7.1.1; 6.5 versions prior...

CVSS 7.5 | AI score 9.4 | EPSS 0.01947
Exploits 0 | References 1 | Affected Software 1
Cvelist | added 2022/02/14 9:4 p.m. | 20 views

CVE-2021-4201 Pre-authentication session hijacking

Missing access control in ForgeRock Access Management 7.1.0 and earlier versions on all platforms allows remote unauthenticated attackers to hijack sessions, including potentially admin-level sessions. This issue affects: ForgeRock Access Management 7.1 versions prior to 7.1.1; 6.5 versions prior...

CVSS 9.6 | AI score 9.7 | EPSS 0.01947
Exploits 0 | References 1
wpexploit | added 2022/01/31 12:0 a.m. | 497 views

WP Review Slider < 11.0 - Admin+ SQL Injection

The plugin does not sanitise and escape the pid parameter when copying a Twitter source, which could allow high privilege users to perform SQL Injection attacks. Create a Twitter Source, copy it via the 'Copy' button, then change the pid parameter in the URL to 1000 UNION ALL SELECT...

CVSS 7.2 | AI score 0.7 | EPSS 0.01445
Exploits 2 | References 1
WPVulnDB | added 2021/12/29 12:0 a.m. | 16 views

Orange Form <= 1.0 - SQL Injection via CSRF

In the plugin, the processbulkaction function in "admin/orange-form-email.php" performs an unprepared SQL query with an unsanitized parameter $id. Only admin can access the page that invokes the function, but because of lack of CSRF protection, it is actually exploitable and could allow attackers...

CVSS 8.8 | AI score 2.7 | EPSS 0.00609
Exploits 2 | Affected Software 1
RedhatCVE | added 2021/12/02 2:19 p.m. | 25 views

CVE-2021-44227

A Cross-Site Request Forgery CSRF attack can be performed in mailman due to a CSRF token bypass. CSRF tokens are not checked against the right type of user when performing admin operations and a token created by a regular user can be used by an admin to perform an admin-level request, effectively...

CVSS 8.8 | AI score 1.5 | EPSS 0.0073
Exploits 0 | References 3
Zero Day Initiative | added 2021/11/18 12:0 a.m. | 16 views

Ivanti Avalanche User Management Improper Authentication Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The specific flaw exists within the userManagement.jsf page. The issue results from improper authentication. An attacker can...

CVSS 8.8 | AI score 8.4 | EPSS 0.03872
Exploits 0
UbuntuCve | added 2021/08/17 3:15 p.m. | 25 views

CVE-2021-25956

In “Dolibarr” application, v3.3.beta120121221 to v13.0.2 have “Modify” access for admin level users to change other user’s details but fails to validate already existing “Login” name, while renaming the user “Login”. This leads to complete account takeover of the victim user. This happens since t...

CVSS 7.2 | AI score 7 | EPSS 0.00935
Exploits 0 | References 3
OSV | added 2021/08/02 10:15 p.m. | 37 views

CVE-2021-32811

Zope is an open-source web application server. Zope versions prior to versions 4.6.3 and 5.3 have a remote code execution security issue. In order to be affected, one must use Python 3 for one's Zope deployment, run Zope 4 below version 4.6.3 or Zope 5 below version 5.3, and have the optional...

CVSS 7.2 | AI score 8 | EPSS 0.02032
Exploits 0 | References 3
wpexploit | added 2021/07/24 12:0 a.m. | 164 views

M-vSlider <= 2.1.3 - Authenticated (admin+) SQL Injection

The update functionality in the rsliderpage uses an rsid POST parameter which is not validated, sanitised or escaped before being inserted in sql query, therefore leading to SQL injection for users having Administrator role. POST /wp-admin/admin.php?page=rsliderpage&updated=true HTTP/1.1 Host:...

CVSS 6.5 | AI score 0.8 | EPSS 0.01547
Exploits 2 | References 1
NVD | added 2021/02/09 5:15 a.m. | 18 views

CVE-2020-13409

Tufin SecureTrack R20-2 GA contains reflected + stored XSS as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or also later by different users. Both stored, and reflected payloads are triggerable by admin, so...

CVSS 5.9 | EPSS 0.00439
Exploits 0 | References 1
Cvelist | added 2021/02/09 4:28 a.m. | 22 views

CVE-2020-13409

Tufin SecureTrack R20-2 GA contains reflected + stored XSS as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or also later by different users. Both stored, and reflected payloads are triggerable by admin, so...

AI score 5.5 | EPSS 0.00439
Exploits 0 | References 1
HackRead | added 2021/01/02 1:27 p.m. | 58 views

Backdoor account found in 100,000+ Zyxel Firewalls, VPN Gateways

By Deeba Ahmed Researchers have discovered a hard-coded admin-level backdoor account as a Zyxel firmware binary revealing username and password. This is a post from HackRead.com Read the original post: Backdoor account found in 100,000+ Zyxel Firewalls, VPN Gateways...

AI score 3.9
Exploits 0
CVE | added 2020/11/11 5:5 p.m. | 43 views

CVE-2020-5426

CVE-2020-5426 affects the TAS Scheduler prior to version 1.4.0, which could transmit the UAA client token in plaintext over non-TLS connections. The risk is influenced by MySQL server configuration used to cache the token; interception could grant an attacker admin-level access in the cloud contr...

CVSS 9.8 | AI score 9.1 | EPSS 0.00699
Exploits 0 | References 1 | Affected Software 1
BDU FSTEC | added 2020/05/29 12:0 a.m. | 4 views

The vulnerability of the central control server of SiNVR 3 allows a hacker to read or modify the database of the central control server, as well as perform operations on the databases or operating system commands with administrator privileges.

The vulnerability of the central control server of SiNVR 3 Central Control Server lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to remotely read or modify the central control server’s database, as well as perform operations o...

CVSS 9 | AI score 7.8 | EPSS 0.01999
Exploits 0 | References 2 | Affected Software 1
Microsoft KB | added 2020/05/20 2:37 a.m. | 27 views

Description of the cumulative update for Lync 2010 Attendee - Administrator level installation: June 2012

Describes the cumulative update for Lync 2010 Attendee, Administrator level installation that is dated June 2012. Summary: This article describes the issue that is fixed in the cumulative update for Microsoft Lync 2010 Attendee - Administrator level installation that is dated June 2012. This article...

AI score 0.7
Exploits 0
Prion | added 2019/12/27 3:15 p.m. | 18 views

Cross site scripting

Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would potentially impact other admins Tenable IDs 5218 and 5269...

CVSS 3.5 | AI score 6.2 | EPSS 0.00858
Exploits 0 | References 3 | Affected Software 1
Prion | added 2019/12/27 3:15 p.m. | 18 views

Cross site scripting

Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would only potentially impact other admins. Tenable ID 5198...

CVSS 3.5 | AI score 6.2 | EPSS 0.00858
Exploits 0 | References 3 | Affected Software 1