Privilege escalation
In Apache CouchDB, a malicious user with permission to create documents in a database is able to attach an HTML attachment to a document. If a CouchDB admin opens that attachment in a browser, e.g. via the CouchDB admin interface Fauxton, any JavaScript code embedded in that HTML attachment will b...
PT-2022-4662 · Otrs +1 · Otrs +1
Name of the Vulnerable Software and Affected Versions: OTRS affected versions not specified Description: The issue is related to the lack of protection of the web page structure in the OTRS ticket request system's admin interface. This can be exploited by a remote attacker to conduct a cross-site...
FreeBSD : couchdb -- user privilege escalation (a7dd4c2d-77e4-46de-81a2-c453c317f9de)
Cory Sabol reports: A malicious user with permission to create documents in a database is able to attach an HTML attachment to a document. If a CouchDB admin opens that attachment in a browser, e.g. via the CouchDB admin interface Fauxton, any JavaScript code embedded in that HTML attachment will...
Deleted Admin Can Sign In to Admin Interface
Impact: Assuming an administrator once had access to the admin interface, they may still be able to sign in to the backend using October CMS v2.0. Patches: The issue has been patched in v2.1.12. Workarounds: - Reset the password of the deleted accounts to prevent them from signing in. - Plea...
CVE-2021-41126 Deleted Admin Can Sign In to Admin Interface
October is a Content Management System (CMS) and web platform built on the Laravel PHP Framework. In affected versions, administrator accounts which had previously been deleted may still be able to sign in to the backend using October CMS v2.0. The issue has been patched in v2.1.12 of the...
Cybozu Remote Service Cross-Site Scripting Vulnerability
Cybozu Remote Service is Cybozu's remote service management software for accessing Cybozu's internal systems. A cross-site scripting vulnerability exists in the Cybozu Remote Service administration interface. A remote authenticated attacker could use this vulnerability to obtain information store...
The Better Mega Menu - Moderately critical - Cross Site Scripting, Information Disclosure, Multiple vulnerabilities - SA-CONTRIB-2021-038
This module provides an admin interface for creating drop down menus that combine Drupal menu items with rich media content. The module does not sanitize values for CSS properties that are added by admins and rendered on the front-end, allowing attackers to inject malicious code into the front-en...
The Better Mega Menu - Moderately critical - Access bypass - SA-CONTRIB-2021-041
This module provides an admin interface for creating drop down menus that combine Drupal menu items with rich media content. This module has a vulnerability whereby users can select blocks as a menu item they don't have permission to view. The vulnerability is mitigated by the fact that it can on...
Plastic Scm Security Vulnerability
Unity Technologies Plastic Scm is a version control system from Unity Technologies, USA. A security vulnerability existed in Plastic SCM 10.0.16.5622, stemming from Plastic SCM incorrectly handling the WebAdmin server management interface...
CVE-2021-39285
An XSS vulnerability exists in Versa Director Release: 16.1R2 Build: S8. An attacker can use the administration web interface URL to create an XSS-based attack...
The vulnerability of the Pulse Connect Secure corporate network VPN server, related to the unlimited download of dangerous types of files, allows a hacker to execute arbitrary code.
The vulnerability of the Pulse Connect Secure corporate network VPN server is related to the unlimited download of dangerous files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by downloading a specially created archive through the web administrator interface...
Electron Technologies FZC PopojiCMS Cross-Site Request Forgery Vulnerability
Electron Technologies FZC PopojiCMS is an open source content management system (CMS) based on the Popoji framework from Electron Technologies FZC. Version 2.0.1 of Electron Technologies FZC PopojiCMS admin.php is vulnerable to cross-site request forgery. No detailed vulnerability details are...
CVE-2021-22937
A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform a file write via a maliciously crafted archive uploaded in the administrator web interface...
Design/Logic Flaw
A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform a file write via a maliciously crafted archive uploaded in the administrator web interface...
PT-2021-3892 · Pulse · Pulse Connect Secure
Name of the Vulnerable Software and Affected Versions: Pulse Connect Secure versions prior to 9.1R12 Description: The issue allows an authenticated administrator to perform a file write via a maliciously crafted archive uploaded in the administrator web interface. This could potentially enable a...
couchdb -- user privilege escalation
Cory Sabol reports: A malicious user with permission to create documents in a database is able to attach a HTML attachment to a document. If a CouchDB admin opens that attachment in a browser, e.g. via the CouchDB admin interface Fauxton, any JavaScript code embedded in that HTML attachment will ...
CVE-2021-32783
Contour is a Kubernetes ingress controller using Envoy proxy. In Contour before version 1.17.1 a specially crafted ExternalName type Service may be used to access Envoy's admin interface, which Contour normally prevents from access outside the Envoy container. This can be used to shut down Envoy...
PT-2021-19929 · Contour +1 · Contour +1
Name of the Vulnerable Software and Affected Versions: Contour versions prior to 1.17.1 Contour versions prior to 1.18.0 Description: A specially crafted ExternalName type Service may be used to access Envoy's admin interface, which Contour normally prevents from access outside the Envoy containe...
CVE-2020-22148
A stored cross-site scripting (XSS) vulnerability in /admin.php?page=tags of Piwigo 2.10.1 allows attackers to execute arbitrary web scripts or HTML...
Red Hat Wildfly Access Control Error Vulnerability
Red Hat Wildfly is a lightweight JavaEE-based open source application server from Red Hat USA. An access control error vulnerability exists in WildFly Core that stems from improperly restricting access to Vault expressions. If a Vault expression takes the form of a single attribute containing...