1574 matches found

Cvelist
added 2021/08/27 5:30 p.m. · 18 views

CVE-2021-32758 Layout XML Arbitrary Code Fix

OpenMage Magento LTS is an alternative to the Magento CE official releases. Prior to versions 19.4.15 and 20.0.11, layout XML enabled admin users to execute arbitrary commands via block methods. OpenMage versions from v19.4.15 and v20.0.11 onward have this issue patched...

CVSS 7.2 · AI score 7.5 · EPSS 0.01971
Exploits 0 · References 3

NVD
added 2021/08/19 2:39 p.m. · 11 views

CVE-2021-27999

A SQL injection vulnerability was discovered in the editid parameter in Local Services Search Engine Management System Project 1.0. This vulnerability gives admin users the ability to dump all data from the database...

CVSS 4.9 · EPSS 0.00841
Exploits 0 · References 1

Prion
added 2021/08/19 2:39 p.m. · 14 views

SQL injection

A SQL injection vulnerability was discovered in the editid parameter in Local Services Search Engine Management System Project 1.0. This vulnerability gives admin users the ability to dump all data from the database...

CVSS 4 · AI score 5.7 · EPSS 0.00841
Exploits 0 · References 1 · Affected Software 1

OSV
added 2021/08/17 3:15 p.m. · 29 views

CVE-2021-25956

In the “Dolibarr” application, versions v3.3.beta120121221 to v13.0.2 give admin-level users “Modify” access to change other users’ details but fail to validate whether the “Login” name already exists when renaming a user’s “Login”. This leads to complete account takeover of the victim user. This happens since t...

CVSS 7.2 · AI score 7 · EPSS 0.00935
Exploits 0 · References 2

OSV
added 2021/08/16 11:15 a.m. · 3 views

CVE-2021-24519

The VikRentCar Car Rental Management System WordPress plugin before 1.1.10 does not sanitise the 'Text Next to Icon' field when adding or editing a Characteristic, allowing high-privilege users such as admins to place an XSS payload in it, leading to an authenticated Stored Cross-Site Scripting issue...

CVSS 4.8 · AI score 5.8 · EPSS 0.00613
Exploits 2 · References 1

WPVulnDB
added 2021/08/05 12:00 a.m. · 12 views

User Rights Access Manager <= 1.0.5 - Access Restriction Bypass

The plugin does not properly restrict access to pages, allowing admin users whose access the plugin has restricted to still reach the related pages. The issue uses the same technique as https://blog.nintechnet.com/vulnerabilities-fixed-in-wordpress-controlled-admin-access-plugin/ PoC The PoC...

AI score 3.7
Exploits 0 · Affected Software 1

CNNVD
added 2021/08/03 12:00 a.m. · 4 views

Fortinet FortiManager and Fortinet FortiAnalyzer access control error vulnerability

Fortinet FortiManager is a centralized network security management platform. Fortinet FortiAnalyzer is a centralized network security reporting solution. Fortinet FortiManager and FortiAnalyzer have an access control error vulnerability that could be exploited by an attacker to retrieve the list ...

CVSS 4.3 · AI score 5.7 · EPSS 0.00646
Exploits 0 · References 5

Veracode
added 2021/08/02 6:09 a.m. · 11 views

Remote Code Execution (RCE)

accesscontrol is vulnerable to remote code execution. Having full access to Python's string module allows users with the admin-level Zope "Manager" role to access the class Formatter, which can be overridden and extended within Script (Python) in a way that provides access to other unsafe Python...

CVSS 7.2 · AI score 7.4 · EPSS 0.02032
Exploits 0 · References 3 · Affected Software 1

GithubExploit
added 2021/07/25 12:31 a.m. · 126 views

Exploit for CVE-2021-36934

PyNightmare PoC for CVE-2021-36934, aka HiveNightmare/SeriousSA...

CVSS 7.8 · AI score 8.8 · EPSS 0.67252
Exploits 11

OSV
added 2021/07/19 11:15 a.m. · 2 views

CVE-2021-24482

The Related Posts for WordPress plugin through 2.0.4 does not sanitise its headingtext and CSS settings, allowing high-privilege users such as admins to set XSS payloads in them, leading to Stored Cross-Site Scripting issues...

CVSS 4.8 · AI score 5.8
Exploits 0 · References 2

Github Security Blog
added 2021/07/12 4:53 p.m. · 65 views

Files or Directories Accessible to External Parties in ether/logs

Impact: A vulnerability was found that allowed authenticated admin users to access any file on the server. Patches: The vulnerability has been fixed in 3.0.4. Workarounds: We recommend disabling the plugin if untrustworthy sources have admin access. For more information: If you have any questions or...

CVSS 7.2 · AI score 5.1 · EPSS 0.01079
Exploits 0 · References 5 · Affected Software 1

OSV
added 2021/07/09 2:15 p.m. · 19 views

CVE-2021-32752

Ether Logs is a package that allows one to check one's logs in the Craft 3 utilities section. A vulnerability was found in versions prior to 3.0.4 that allowed authenticated admin users to access any file on the server. The vulnerability has been fixed in version 3.0.4. As a workaround, one may...

CVSS 4.9 · AI score 5
Exploits 0 · References 2

OSV
added 2021/06/28 6:21 p.m. · 5 views

GHSA-243Q-G9J3-QF6R non-admin users can create integration role with administrator role

Impact: non-admin users can create integration role with administrator role. Patches: We recommend updating to the current version 6.4.1.1. You can get the update to 6.4.1.1 regularly via the Auto-Updater or directly via the download overview. https://www.shopware.com/en/download/shopware-6...

AI score 7.1
Exploits 0 · References 1

Github Security Blog
added 2021/06/28 6:21 p.m. · 39 views

non-admin users can create integration role with administrator role

Impact: non-admin users can create integration role with administrator role. Patches: We recommend updating to the current version 6.4.1.1. You can get the update to 6.4.1.1 regularly via the Auto-Updater or directly via the download overview. https://www.shopware.com/en/download/shopware-6...

AI score 2.6
Exploits 0 · References 2 · Affected Software 2

CNVD
added 2021/06/15 12:00 a.m. · 14 views

WordPress side buttons plugin SQL injection vulnerability

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the WordPress side buttons plugin prior to version 3.1.5. The...

CVSS 7.2 · AI score 7.1 · EPSS 0.01565
Exploits 2 · References 1

Positive Technologies
added 2021/06/10 12:00 a.m. · 3 views

PT-2021-14707 · Xebialabs +1 · Jenkins Xebialabs Xl Deploy Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins XebiaLabs XL Deploy Plugin versions 10.0.1 and earlier Description: An incorrect permission check in the Jenkins XebiaLabs XL Deploy Plugin allows attackers with Generic Create permission to connect to an attacker-specified URL using...

CVSS 6.5 · AI score 6.4 · EPSS 0.00991
Exploits 0 · References 8

CNVD
added 2021/06/09 12:00 a.m. · 14 views

WordPress FlightLo plugin SQL Injection Vulnerability

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A WordPress plugin is an application plugin for WordPress. A SQL injection vulnerability exists in the WordPress FlightLo plug...

CVSS 7.2 · AI score 7.3 · EPSS 0.01547
Exploits 2 · References 1

WPVulnDB
added 2021/05/30 12:00 a.m. · 12 views

NinjaFirewall < 4.3.4 - Authenticated (admin+) PHAR Deserialization

The plugin was affected by a PHAR deserialisation issue, which may allow admin users to execute arbitrary code on the remote host. The plugin did not have a POP chain available, so another plugin/theme with one would need to be present; other conditions for the attack are described in the vendor'...

AI score 5.5
Exploits 0 · References 1 · Affected Software 1

OSV
added 2021/05/25 6:47 p.m. · 17 views

GHSA-JJHW-5MXP-2G2Q Cross-site Scripting in OpenNMS Horizon

In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting, since the...

CVSS 4.8 · AI score 4.9 · EPSS 0.01043
Exploits 1 · References 7

Github Security Blog
added 2021/05/25 6:47 p.m. · 53 views

Cross-site Scripting in OpenNMS Horizon

In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting, since the...

CVSS 4.8 · AI score 1.8 · EPSS 0.01043
Exploits 1 · References 7 · Affected Software 1