1566 matches found

CNNVD
added 2024/03/21 12:00 a.m. · 2 views

SourceCodester E-Commerce Site Code Issue Vulnerability

E-Commerce Site is an e-commerce website. A code issue vulnerability exists in SourceCodester Complete E-Commerce Site version 1.0, which stems from a file upload vulnerability in file /admin/usersphoto.php...

CVSS 8.8 · AI score 5.3 · EPSS 0.00118
Exploits 1 · References 4
OSV
added 2024/03/17 1:15 a.m. · 2 views

CVE-2024-2535

A vulnerability has been found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/users.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotel...

CVSS 6.1 · AI score 3.8
Exploits 0 · References 3
CNNVD
added 2024/03/17 12:00 a.m. · 2 views

Online-College-Event-Hall-Reservation-System SQL Injection Vulnerability

Online-College-Event-Hall-Reservation-System is an online college event hall reservation system by the individual developer Magesh K, designed to automate the hall booking process, eliminate manual logging and increase efficiency. Online-College-Event-Hall-Reservation-System suffers from a SQL...

CVSS 9.8 · AI score 7.9 · EPSS 0.00052
Exploits 0 · References 4
CNNVD
added 2024/03/17 12:00 a.m. · 2 views

Online-College-Event-Hall-Reservation-System Cross-Site Scripting Vulnerability

Online-College-Event-Hall-Reservation-System is an online college event hall reservation system by the individual developer Magesh K, designed to automate the hall booking process, eliminate manual logging and increase efficiency. A cross-site scripting vulnerability exists in...

CVSS 6.1 · AI score 6.1 · EPSS 0.00069
Exploits 0 · References 4
OSV
added 2024/03/15 7:55 p.m. · 8 views

CVE-2024-28254 SpEL Injection in `GET /api/v1/events/subscriptions/validation/condition/<expr>` in OpenMetadata

OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The AlertUtil::validateExpression method evaluates an SpEL expression using getValue which by default uses the...

CVSS 8.8 · AI score 9.6 · EPSS 0.53942
Exploits 3 · References 7
Cvelist
added 2024/03/13 6:18 p.m. · 24 views

CVE-2024-28194 Authentication Bypass Because of Hardcoded JWT Secret in your_spotify

YourSpotify is an open source, self-hosted Spotify tracking dashboard. YourSpotify version 1.8.0 uses a hardcoded JSON Web Token (JWT) secret to sign authentication tokens. Attackers can use this well-known value to forge valid authentication tokens for arbitrary users. This vulnerability allows...

CVSS 9.1 · AI score 9.4 · EPSS 0.0022
Exploits 1 · References 1
WPVulnDB
added 2024/03/11 12:00 a.m. · 14 views

WooCommerce Product Filter < 1.4.4 - Reflected XSS

Description: The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. PoC: Make a logged-in admin open the URL below; the filter with the slug test1 needs to...

AI score 5.8 · EPSS 0.00089
Exploits 2 · Affected Software 1
Positive Technologies
added 2024/03/07 12:00 a.m. · 5 views

PT-2024-3068 · Unknown · Openmetadata

Name of the Vulnerable Software and Affected Versions: OpenMetadata versions prior to 1.2.4 Description: The issue is related to the AlertUtil::validateExpression method, which evaluates an SpEL expression using getValue with the StandardEvaluationContext, allowing interaction with Java classes...

CVSS 9 · AI score 8 · EPSS 0.53942
Exploits 3 · References 18
Cvelist
added 2024/03/01 11:05 a.m. · 15 views

CVE-2024-26280 Apache Airflow: Overly broad default permissions for Viewer/Ops (audit logs)

Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated Ops and Viewers users to view all information on audit logs, including dag names and usernames they were not permitted to view. With 2.8.2 and newer, Ops and Viewer users do not have audit log permission by...

AI score 6.1 · EPSS 0.00226
Exploits 0 · References 3
Positive Technologies
added 2024/02/27 12:00 a.m. · 2 views

PT-2024-16732 · WordPress · Shariff Wrapper

Name of the Vulnerable Software and Affected Versions: Shariff Wrapper WordPress plugin versions prior to 4.6.10 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example,...

CVSS 6.1 · AI score 7.9 · EPSS 0.00312
Exploits 2 · References 4
NVD
added 2024/02/14 8:15 a.m. · 7 views

CVE-2023-39249

Dell SupportAssist for Business PCs version 3.4.0 contains a local Authentication Bypass vulnerability that allows locally authenticated non-admin users to gain temporary privilege within the SupportAssist User Interface on their respective PC. The Run as Admin temporary privilege feature enables...

CVSS 6.3 · AI score 6.5 · EPSS 0.00011
Exploits 0 · References 1
Vulnrichment
added 2024/02/14 7:36 a.m. · 7 views

CVE-2023-39249

Dell SupportAssist for Business PCs version 3.4.0 contains a local Authentication Bypass vulnerability that allows locally authenticated non-admin users to gain temporary privilege within the SupportAssist User Interface on their respective PC. The Run as Admin temporary privilege feature enables...

CVSS 6.3 · AI score 6.9 · EPSS 0.00011
Exploits 0 · References 1
Tenable Nessus
added 2024/02/14 12:00 a.m. · 11 views

Wago Multiple Products Improper Privilege Management (CVE-2023-3379)

Wago web-based management of multiple products has a vulnerability which allows a local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root privileges. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-...

CVSS 5.3 · AI score 5.7 · EPSS 0.00026
Exploits 0 · References 2
OSV
added 2024/02/12 4:15 p.m. · 2 views

CVE-2024-0566

The Smart Manager WordPress plugin before 8.28.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

CVSS 7.2 · AI score 5.8
Exploits 0 · References 1
Positive Technologies
added 2024/02/12 12:00 a.m. · 2 views

PT-2024-15016 · WordPress · Popup Box

Name of the Vulnerable Software and Affected Versions: Popup Box WordPress plugin versions prior to 20.9.0 Description: The issue allows high privilege users, such as admins, to perform Cross-Site Scripting attacks even when unfiltered html is disallowed, due to the plugin not sanitizing and...

CVSS 4.8 · AI score 6.3 · EPSS 0.00412
Exploits 3 · References 8
NVD
added 2024/02/05 9:15 p.m. · 8 views

CVE-2024-24807

Sulu is a highly extensible open-source PHP content management system based on the Symfony framework. There is an issue when inputting HTML into the Tag name. The HTML is executed when the tag name is listed in the auto complete form. Only admin users can create tags so they are the only ones...

CVSS 4.8 · AI score 4.5 · EPSS 0.00837
Exploits 0 · References 3
Prion
added 2024/02/05 9:15 p.m. · 104 views

Design/Logic Flaw

Sulu is a highly extensible open-source PHP content management system based on the Symfony framework. There is an issue when inputting HTML into the Tag name. The HTML is executed when the tag name is listed in the auto complete form. Only admin users can create tags so they are the only ones...

CVSS 4.3 · AI score 7.1 · EPSS 0.00837
Exploits 0 · References 3 · Affected Software 1
Github Security Blog
added 2024/02/05 8:24 p.m. · 33 views

Sulu HTML Injection via Autocomplete Suggestion

Impact: There is an issue when inputting HTML into the Tag name. The HTML is executed when the tag name is listed in the auto complete form. Only admin users are affected and only admin users can create tags. Patches: Has the problem been patched? What versions should users upgrade to? The problem is patch...

CVSS 4.8 · AI score 6.9 · EPSS 0.00837
Exploits 0 · References 3 · Affected Software 1
CVE
added 2024/02/05 8:09 p.m. · 88 views

CVE-2024-24807

CVE-2024-24807 — Sulu HTML Injection via Autocomplete Suggestion What is affected: Sulu CMS (PHP, Symfony) — specifically the auto-complete form used when creating Tag names. Root cause: HTML input in Tag name is executed when listed in the autocomplete, indicating inadequate input sanitization f...

CVSS 4.8 · AI score 5.1 · EPSS 0.00837
Exploits 0 · References 3 · Affected Software 1
Vulnrichment
added 2024/02/05 8:09 p.m. · 11 views

CVE-2024-24807 Sulu is vulnerable to HTML Injection via Autocomplete Suggestion

Sulu is a highly extensible open-source PHP content management system based on the Symfony framework. There is an issue when inputting HTML into the Tag name. The HTML is executed when the tag name is listed in the auto complete form. Only admin users can create tags so they are the only ones...

CVSS 2.7 · AI score 5.5 · EPSS 0.00837
Exploits 0 · References 3