164 matches found

CVE · added 2023/02/15 12:00 a.m. · 61 views

CVE-2022-47503

CVE-2022-47503 involves deserialization of untrusted data in SolarWinds Platform. Connected advisories identify a concrete instance in SolarWinds Network Performance Monitor where the WorkerControllerWCFProxy handles deserialized input; authenticated attackers can trigger remote code execution wi...

CVSS 7.2 · AI score 7.2 · EPSS 0.11276
Exploits 0 · References 2 · Affected Software 1
NVD · added 2023/02/07 11:15 p.m. · 13 views

CVE-2023-0712

The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the ajaxmoveobject function in versions up to, and including, 2.18.16. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke this...

CVSS 5.4 · AI score 5.2 · EPSS 0.00155
Exploits 0 · References 4
Hive Pro Threat Advisories · added 2022/11/10 10:08 a.m. · 20 views

Authentication Bypass Vulnerabilities in VMware Workspace ONE Assist

Threat Level Vulnerability Report. For a detailed threat advisory, download the PDF file here. Summary: Several security vulnerabilities exist in VMware's Workspace ONE Assist solution, some of which can be exploited for authentication bypass to gain admin-level access. A vulnerability in VMware...

AI score 3.1 · EPSS 0.00802
Exploits 0
NVD · added 2022/10/20 9:15 p.m. · 21 views

CVE-2022-38108

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands...

CVSS 7.2 · EPSS 0.88632
Exploits 3 · References 4
Positive Technologies · added 2022/10/20 12:00 a.m. · 3 views

PT-2022-23704 · Solarwinds · Solarwinds Platform

Name of the Vulnerable Software and Affected Versions: SolarWinds Platform, affected versions not specified. Description: The issue allows a remote adversary with Orion admin-level account access to the SolarWinds Web Console to execute arbitrary commands due to the Deserialization of Untrusted Dat...

CVSS 7.2 · AI score 7.3 · EPSS 0.0221
Exploits 0 · References 5
Positive Technologies · added 2022/09/09 12:00 a.m. · 3 views

PT-2022-23199

Name of the Vulnerable Software and Affected Versions: Netmaker versions prior to 0.15.1. Description: The issue is related to Improper Authorization functions, which allow non-privileged users to run privileged API calls. If users without admin privileges are added to the Netmaker platform, they ca...

CVSS 8.8 · AI score 7.2 · EPSS 0.00298
Exploits 0 · References 11
Veracode · added 2022/07/13 9:10 a.m. · 33 views

Privilege Escalation

github.com/argoproj/argo-cd is vulnerable to privilege escalation. Lack of enforcement of access restriction by application resource API allows an attacker to escalate the privileges to admin-level...

CVSS 8.8 · AI score 8.4 · EPSS 0.00284
Exploits 1 · References 8 · Affected Software 1
Github Security Blog · added 2022/07/13 12:00 a.m. · 26 views

Argo CD improper access control bug can allow malicious user to escalate privileges to admin level

Impact: Impacts for versions starting with v1.0.0. All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level. To perform the following exploits, an authorized Argo CD use...

CVSS 9 · AI score 0.7 · EPSS 0.00284
Exploits 1 · References 10 · Affected Software 2
Prion · added 2022/06/13 2:15 p.m. · 10 views

Cross site scripting

The Sticky Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'popup_title' parameter in versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with admin level capabilities an...

CVSS 3.5 · AI score 4.7 · EPSS 0.00288
Exploits 0 · References 2 · Affected Software 1
Vulnrichment · added 2022/06/13 1:20 p.m. · 3 views

CVE-2022-1750 Sticky Popup <= 1.2 - Authenticated (Admin+) Stored Cross-Site Scripting

The Sticky Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'popup_title' parameter in versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with admin level capabilities an...

CVSS 5.5 · AI score 6 · EPSS 0.00288
Exploits 0 · References 2
CVE · added 2022/06/13 1:20 p.m. · 68 views

CVE-2022-1750

The CVE-2022-1750 entry describes a Stored Cross-Site Scripting vulnerability in the WordPress Sticky Popup plugin (versions up to and including 1.2). The root cause is insufficient input sanitization and output escaping for the popup_title parameter, enabling an authenticated attacker with admin...

CVSS 5.5 · AI score 4.7 · EPSS 0.00288
Exploits 0 · References 2 · Affected Software 1
ATTACKERKB · added 2022/05/26 2:15 p.m. · 1 view

CVE-2022-29687

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/leveldel...

CVSS 7.2 · AI score 6 · EPSS 0.00255
Exploits 1 · References 2
OSV · added 2022/05/26 2:15 p.m. · 2 views

CVE-2022-29687

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/leveldel...

CVSS 7.2 · AI score 5.8
Exploits 0 · References 1
OSV · added 2022/05/26 2:15 p.m. · 1 view

CVE-2022-29685

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/User/levelsort...

CVSS 8.8 · AI score 7.3
Exploits 0 · References 1
CNNVD · added 2022/05/26 12:00 a.m. · 1 view

CSCMS Music Portal System SQL Injection Vulnerability

CSCMS Music Portal System is a diversified content management system of China Chong Sheng Network Technology CSCMS Company. CSCMS Music Portal System suffers from a SQL injection vulnerability that originates from the id parameter in /admin.php/user/leveldel that lacks validation of externally...

CVSS 7.2 · AI score 6.1 · EPSS 0.00255
Exploits 1 · References 2
NVD · added 2022/04/28 3:15 p.m. · 13 views

CVE-2021-43939

Elcomplus SmartPTT is vulnerable when a low-authenticated user can access higher level administration authorization by issuing requests directly to the desired endpoints...

CVSS 9 · EPSS 0.00073
Exploits 0 · References 1
OSV · added 2022/04/14 9:20 p.m. · 8 views

CVE-2022-24846 Unchecked JNDI lookups in GeoWebCache

GeoWebCache is a tile caching server implemented in Java. The GeoWebCache disk quota mechanism can perform an unchecked JNDI lookup, which in turn can be used to perform class deserialization and result in arbitrary code execution. While in GeoWebCache the JNDI strings are provided via local...

CVSS 9.1 · AI score 7.4 · EPSS 0.00932
Exploits 0 · References 3
NVD · added 2022/04/13 9:15 p.m. · 12 views

CVE-2022-24818

GeoTools is an open source Java library that provides tools for geospatial data. The GeoTools library has a number of data sources that can perform unchecked JNDI lookups, which in turn can be used to perform class deserialization and result in arbitrary code execution. Similar to the Log4J case,...

CVSS 8.2 · EPSS 0.08237
Exploits 0 · References 2
Prion · added 2022/04/13 9:15 p.m. · 17 views

Deserialization of untrusted data

GeoTools is an open source Java library that provides tools for geospatial data. The GeoTools library has a number of data sources that can perform unchecked JNDI lookups, which in turn can be used to perform class deserialization and result in arbitrary code execution. Similar to the Log4J case,...

CVSS 7.5 · AI score 7.2 · EPSS 0.08237
Exploits 0 · References 2 · Affected Software 1
OSV · added 2022/04/13 8:55 p.m. · 21 views

CVE-2022-24818 Unchecked JNDI lookups in GeoTools

GeoTools is an open source Java library that provides tools for geospatial data. The GeoTools library has a number of data sources that can perform unchecked JNDI lookups, which in turn can be used to perform class deserialization and result in arbitrary code execution. Similar to the Log4J case,...

CVSS 8.2 · AI score 7.5 · EPSS 0.08237
Exploits 0 · References 4