CVE-2021-40415
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of Reolink RLC-410W v3.0.0.136_20121102. In cgi_check_ability the Format API does not have a specific case, so the user permission will default to 7. This will give non-administrative users the...
CVE-2021-40415
CVE-2021-40415 concerns the Reolink RLC-410W (v3.0.0.136_20121102). The issue resides in the cgiserver.cgi function cgi_check_ability: several APIs (including most sensitive ones) have no explicit case, causing a default permission value of 7 to be applied. This allows a non-administrative (authe...
WordPress plugin Cross-Site Request Forgery Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an open source application plugin for WordPress. The WordPress plugin suffers from a cross-site reques...
Design/Logic Flaw
An issue was discovered in CALDERA 2.8.1. It does not properly segregate user privileges, resulting in non-admin users having access to read and modify configuration or other components that should only be accessible by admin users...
Discourse < 2.7.12 DoS Vulnerability
Discourse is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from referenced sources and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:discourse:discourse"...
Terramaster TOS 4.2.15 - Remote Code Execution Exploit
Exploit Title: Terramaster TOS 4.2.15 - Remote Code Execution (RCE), Unauthenticated. Exploit Author: n0tme (thatsn0tmysite). Full Write-Up: https://thatsn0tmy.site/posts/2021/12/how-to-summon-rces/ Vendor Homepage: https://www.terra-master.com/ Version: TOS 4.2.X (4.2.15-2107141517). Tested on: 4.2.15,...
Cross-site Scripting (XSS) - Stored in admidio/admidio
Description: When adding a menu after logging in with an administrator account, there is no verification of the URL value, so the XSS payload is stored in the DB. After that, when you click the saved menu, the XSS is triggered. If an administrator adds a menu, normal users can click it too. Proof of...
Cross-Site Request Forgery (CSRF) in hdinnovations/unit3d-community-edition
Description: CSRF to delete user accounts. Proof of Concept: Impact: This vulnerability is capable of tricking admin users into deleting user accounts...
Cross-site Scripting in kimai2
CSRF related to the duplicate action: the duplication occurs before redirecting to the edit form. This vulnerability is capable of tricking admin users into duplicating teams...
Cross-Site Request Forgery (CSRF)
kevinpapst/kimai2 is vulnerable to cross-site request forgery. An attacker can trick admin users into duplicating teams through the duplicateAction function in ProjectController.php...
CVE-2021-24802
The Colorful Categories WordPress plugin before 2.0.15 does not enforce nonce checks which could allow attackers to make a logged in admin or editor change taxonomy colors via a CSRF attack...
Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2
Description: CSRF related to the duplicate action: the duplication occurs before redirecting to the edit form. Proof of Concept: GET /en/admin/teams/id/duplicate GET /en/admin/project/id/duplicate Impact: This vulnerability is capable of tricking admin users into duplicating teams. Note: This is probably all...
Cross-Site Request Forgery (CSRF) in hdinnovations/unit3d-community-edition
Description: CSRF related to the Torrents section. 6 actions recorded: 1: /id/torrentfl 2: /id/torrentdoubleup 3: /id/bumpTorrent 4: /id/torrentsticky 5: /id/reseed 6: /id/freeleechtoken Proof of Concept: CLICK ME! Impact: This vulnerability is capable of tricking admin users into reseeding / using freeleech...
Cross-Site Request Forgery (CSRF) in hdinnovations/unit3d-community-edition
Description: More unprotected CSRF endpoints that allow state-changing operations. 1: GET /dashboard/moderation/1/approve 2: GET /requests/1/accept 3: GET /requests/1/reject 4: GET /requests/1/unclaim 5: GET /requests/1/reset Proof of Concept: CLICK ME! Impact: This vulnerability is capable of...
CVE-2021-24514
The Visual Form Builder WordPress plugin before 3.0.4 does not sanitise or escape its Form Name, allowing high privilege users such as admin to set a Cross-Site Scripting payload in it, even when the unfiltered_html capability is disallowed...
Cross-Site Request Forgery (CSRF) in firefly-iii/firefly-iii
Description: No CSRF protection on duplicating a rule and on modifying the order of the rule group. Proof of Concept: Click Me! Click Me! Click Me! Impact: This vulnerability is capable of tricking admin users into duplicating rules and modifying the order of rule groups. Permalinks selected with reference to this report:...
GHSA-H58V-G3Q6-Q9FX Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in sulu/sulu
Impact: What kind of vulnerability is it? Who is impacted? It is an issue when HTML is input into the Tag name. The HTML is executed when the tag name is listed in the auto-complete form. Only admin users are affected and only admin users can create tags. Patches: Has the problem been patched? What...
CVE-2021-41169
Sulu is an open-source PHP content management system based on the Symfony framework. Versions before 1.6.43 are subject to stored cross-site scripting attacks. HTML input into Tag names is not properly sanitized. Only admin users are allowed to create tags. Users are advised to upgrade...
CVE-2021-41169 Improper Neutralization HTML tags in sulu/sulu
Sulu is an open-source PHP content management system based on the Symfony framework. Versions before 1.6.43 are subject to stored cross-site scripting attacks. HTML input into Tag names is not properly sanitized. Only admin users are allowed to create tags. Users are advised to upgrade...