2005 matches found

Cvelist
added 2020/06/19 7:16 p.m. · 21 views

CVE-2017-18915

An issue was discovered in Mattermost Server before 3.8.2, 3.7.5, and 3.6.7. After a restart of a server, an attacker might suddenly gain API Endpoint access...

AI score 9.6 · EPSS 0.01184
Exploits 0 · References 1

Hacker One
added 2020/06/19 10:20 a.m. · 105 views

Curve: Sensitive Info Leak - An Attacker Can Retrieve All the Users Mobile Numbers at https://website-api.production.curve.app/api/waitlist/us

Hi, When am going through all the JS files in curve.com I found a link called "/usa" is used to create Curve USA Waitlists by entering your name, email address, mobile number and address details. F874173 Then there is a functionality called "Track my Position" by using which joined users can view...

AI score 6.6
Exploits 0

AlpineLinux
added 2020/06/03 12:40 p.m. · 30 views

CVE-2020-2191

Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier does not check permissions on API endpoints that allow adding and removing agent labels...

CVSS 4.3 · AI score 3.7 · EPSS 0.00656
Exploits 0 · References 2

pentestit
added 2020/05/27 9:24 p.m. · 40 views

UPDATE: Empire v3.2.2

Empire v3.2.2 was released a couple of days ago! If you remember, I briefly mentioned about this tool in my five month old post titled – List of Open Source C2 Post-Exploitation Frameworks. This version adds a newer Mimikatz version with a new API endpoint. What is Empire? Empire 3.0 is an open...

AI score 2.2
Exploits 0

Hacker One
added 2020/04/23 4:29 a.m. · 14 views

GitLab: Stored XSS on PyPi simple API endpoint

Summary The recently released PyPi package feature has a new endpoint at /api/:version/projects/:id/packages/pypi/simple/packagename which exposes an HTML page listing the package versions. The packagelink's are generated using the following code: packagepresenter.rbL50 ruby def packagelinkurl,...

AI score 7.4
Exploits 0

NVD
added 2020/04/07 5:15 p.m. · 20 views

CVE-2020-11515

The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to create new URIs that redirect to an external web site via the unsecured rankmath/v1/updateRedirection REST API endpoint. In other words, this is not an "Open Redirect" issue; instead, it allows the...

CVSS 6.1 · AI score 6.5 · EPSS 0.02072
Exploits 2 · References 3

Prion
added 2020/04/07 5:15 p.m. · 17 views

Open redirect

The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to create new URIs that redirect to an external web site via the unsecured rankmath/v1/updateRedirection REST API endpoint. In other words, this is not an "Open Redirect" issue; instead, it allows the...

CVSS 5.8 · AI score 6.5 · EPSS 0.02072
Exploits 2 · References 3 · Affected Software 1

Cvelist
added 2020/04/07 4:51 p.m. · 19 views

CVE-2020-11515

The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to create new URIs that redirect to an external web site via the unsecured rankmath/v1/updateRedirection REST API endpoint. In other words, this is not an "Open Redirect" issue; instead, it allows the...

AI score 7.1 · EPSS 0.02072
Exploits 2 · References 3

Cvelist
added 2020/04/07 4:50 p.m. · 19 views

CVE-2020-11514

The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to update arbitrary WordPress metadata, including the ability to escalate or revoke administrative privileges for existing users via the unsecured rankmath/v1/updateMeta REST API endpoint...

AI score 9.8 · EPSS 0.09106
Exploits 2 · References 3

CVE
added 2020/04/01 8:51 p.m. · 35 views

CVE-2020-11464

Deskpro CVE-2020-11464 affects Deskpro before 2019.8.0, where /api/people failed to properly validate a user’s privilege, allowing retrieval of sensitive information for all users (full name, privilege, email, phone, etc.). The issue is documented across multiple feeds, with remediation reference...

CVSS 6.5 · AI score 4.3 · EPSS 0.012
Exploits 1 · References 3 · Affected Software 1

ThreatPost
added 2020/04/01 6:3 p.m. · 469 views

Critical WordPress Plugin Bug Can Lock Admins Out of Websites

A pair of security vulnerabilities in the WordPress search engine optimization (SEO) plugin, known as Rank Math, could allow remote cybercriminals to elevate privileges and install malicious redirects onto a target site, according to researchers. It’s a WordPress plugin with more than 200,000...

AI score 10 · EPSS 0.26869
Exploits 0 · References 12

OSV
added 2020/03/19 6:15 p.m. · 12 views

CVE-2019-20520

ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the api/method/ URI...

CVSS 6.1 · AI score 5.8
Exploits 0 · References 1

Positive Technologies
added 2020/03/12 12:0 a.m. · 3 views

PT-2020-12149 · Chadha · Phpkb Standard Multi-Language

Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue allows attackers to add a new news article via a crafted request to the /admin/add-news.php API endpoint, specifically exploiting the CSRF weakness. Recommendations: For...

CVSS 4.3 · AI score 4.5 · EPSS 0.00475
Exploits 1 · References 3

Exploit DB
added 2020/03/12 12:0 a.m. · 185 views

WatchGuard Fireware AD Helper Component 5.8.5.10317 - Credential Disclosure

Exploit: WatchGuard Fireware AD Helper Component 5.8.5.10317 - Credential Disclosure Author: RedTeam Pentesting GmbH Date: 2020-03-11 Vendor: https://www.watchguard.com Software link: https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/services/tdr/tdradhelperc.html CVE:...

AI score 7.4
Exploits 0

CNVD
added 2020/03/10 12:0 a.m. · 2 views

ThemeREX Addons Remote Code Execution Vulnerability

WordPress plugin ThemeREX Addons is a plugin that works with various ThemeREX themes, featuring several theme enhancements and widgets that extend the functionality of the theme in question. A remote code execution vulnerability exists in versions of ThemeREX Addons prior to 2020-03-09. The...

CVSS 9.8 · AI score 8 · EPSS 0.08877
Exploits 2 · References 1

Hacker One
added 2020/03/02 1:59 p.m. · 41 views

Mail.ru: [v7lk.relap.io] Sending arbitrary emails to any user

Mail sending API endpoint at relap.io was publicly accessible...

AI score 2.5
Exploits 0

Github Security Blog
added 2020/02/26 7:54 p.m. · 88 views

Information disclosure in Apache Superset

An information disclosure issue was found in Apache Superset 0.34.0, 0.34.1, 0.35.0, and 0.35.1. Authenticated Apache Superset users are able to retrieve other users' information, including hashed passwords, by accessing an unused and undocumented API endpoint on Apache Superset...

CVSS 6.5 · AI score 1.8 · EPSS 0.01351
Exploits 0 · References 4 · Affected Software 1

NVD
added 2020/01/28 1:15 a.m. · 24 views

CVE-2020-1932

An information disclosure issue was found in Apache Superset 0.34.0, 0.34.1, 0.35.0, and 0.35.1. Authenticated Apache Superset users are able to retrieve other users' information, including hashed passwords, by accessing an unused and undocumented API endpoint on Apache Superset...

CVSS 6.5 · AI score 6.2 · EPSS 0.01351
Exploits 0 · References 1

Prion
added 2020/01/28 1:15 a.m. · 16 views

Information disclosure

An information disclosure issue was found in Apache Superset 0.34.0, 0.34.1, 0.35.0, and 0.35.1. Authenticated Apache Superset users are able to retrieve other users' information, including hashed passwords, by accessing an unused and undocumented API endpoint on Apache Superset...

CVSS 4 · AI score 6.2 · EPSS 0.01351
Exploits 0 · References 1 · Affected Software 1

OSV
added 2020/01/28 1:15 a.m. · 30 views

PYSEC-2020-224

An information disclosure issue was found in Apache Superset 0.34.0, 0.34.1, 0.35.0, and 0.35.1. Authenticated Apache Superset users are able to retrieve other users' information, including hashed passwords, by accessing an unused and undocumented API endpoint on Apache Superset...

CVSS 6.5 · AI score 1.8 · EPSS 0.01351
Exploits 0 · References 2