13 matches found
CVE-2018-19509
wg7.php in Webgalamb 7.0 makes opportunistic calls to htmlspecialchars instead of using a templating engine with proper contextual encoding. Because it is possible to insert arbitrary strings into the database, any JavaScript could be executed by the administrator, leading to XSS...
CVE-2024-36463
The implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and use it to access internal properties of objects...
GHSA-VG6Q-84P8-QVQH Mattermost allows a user on a remote to set their remote username prop to an arbitrary string
Mattermost versions 9.9.x = 9.9.0, 9.5.x = 9.5.6, 9.7.x = 9.7.5, 9.8.x = 9.8.1 fail to disallow users to set their own remote username, when shared channels were enabled, which allows a user on a remote to set their remote username prop to an arbitrary string, which would be then synced to the...
CVE-2024-39839 Remote username set to an arbitrary string by remote user
Mattermost versions 9.9.x = 9.9.0, 9.5.x = 9.5.6, 9.7.x = 9.7.5, 9.8.x = 9.8.1 fail to disallow users to set their own remote username, when shared channels were enabled, which allows a user on a remote to set their remote username prop to an arbitrary string, which would be then synced to the...
CVE-2020-35590
LimitLoginAttempts.php in the limit-login-attempts-reloaded plugin before 2.17.4 for WordPress allows a bypass of per IP address rate limits because the X-Forwarded-For header can be forged. When the plugin is configured to accept an arbitrary header for the client source IP address, a malicious...
WordPress RCE Vulnerability (CVE-2019-8942) - Windows
WordPress allows remote code execution RCE because an wpattachedfile Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif...
Remote code execution
WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an wpattachedfile Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image...
CVE-2018-10943
An issue was discovered on Barco ClickShare CSE-200 and CS-100 Base Units with firmware before 1.6.0.3. Sending an arbitrary unexpected string to TCP port 7100 respecting a certain frequency timing disconnects all clients and results in a crash of the Unit...
Greenhouse.io: Cache poisoning using NULL bytes and long URLs
This is related to a previous report I made https://hackerone.com/reports/326639. The same endpoint https://boards.greenhouse.io/embed/jobboard/js?for= is still vulnerable to arbitrary string injection, by terminating the customer key in the for parameter with a URL-encoded NULL byte i.e. %00,...
PHP ip2long Function String Validation Weakness
According to its banner, the 'ip2long' function in the version of PHP installed on the remote host may incorrectly validate an arbitrary string and return a valid network IP address. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...
Debian: Security Advisory (DSA-1188-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
logwatch security update
CentOS Errata and Security Advisory CESA-2005:364-01 An updated logwatch package that fixes a denial of service issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. LogWatch is a customizable log analysis system. LogWatch...
Moderate: Red Hat Security Advisory: logwatch security update
An updated logwatch package that fixes a denial of service issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. LogWatch is a customizable log analysis system. LogWatch parses through your system's logs for a given period of...