EUVD-2022-6508

Malicious code in bioql PyPI...

InsydeH2O 安全漏洞

InsydeH2O is a customizable firmware codebase from China's Insyde Insyde Corporation. A security vulnerability exists in InsydeH2O, which originates from an arbitrary call to SmmSetVariable with unsanitized parameters in the SMI handler...

Internet Bug Bounty: Electron CVE-2022-35954 Delimiter Injection Vulnerability in exportVariable

Describe the summary: The Electron Website provides a set of packages to make creating actions easier. The core.exportVariable function uses a well known delimiter that attackers can use to break out of that specific variable and assign values to other arbitrary variables. Workflows that write...

@actions/core 注入漏洞

@actions/core is the core function of the npm package management tool for individual developers. This function is used for result, key, and log configuration. An injection vulnerability exists in @actions/core 1.9.0 and earlier, which stems from the use of a well-known delimiter in the...

X-Cart < 4.1.3 - Arbitrary Variable Overwrite Vulnerability

Exploit for php platform in category web applications X-Cart Arbitrary Variable Overwrite Vendor: Qualiteam Product: X-Cart Version: $value $$var = $value; As we can see every single post variable is dynamically evaluated. This is especially dangerous because register globals and magic q...

X-Cart &lt; 4.1.3 - Arbitrary Variable Overwrite

X-Cart Arbitrary Variable Overwrite Vendor: Qualiteam Product: X-Cart Version: $value $$var = $value; As we can see every single post variable is dynamically evaluated. This is especially dangerous because register globals and magic quotes gpc settings do not affect an attackers ability to...

X-Cart 4.1.3 - Arbitrary Variable Overwrite

X-Cart 4.1.3 - Arbitrary Variable Overwrite X-Cart Arbitrary Variable Overwrite Vendor: Qualiteam Product: X-Cart Version: $value $$var = $value; As we can see every single post variable is dynamically evaluated. This is especially dangerous because register globals and magic quotes gpc settings ...

SquirrelMail 1.4.7 - Arbitrary Variable Overwrite

SquirrelMail 1.4.7 - Arbitrary Variable Overwrite SquirrelMail Arbitrary Variable Overwrite Vendor: SquirrelMail Product: SquirrelMail Version: = 1.4.7 Website: http://www.squirrelmail.org BID: 19486 CVE: CVE-2006-4019 OSVDB: 27917 SECUNIA: 21354 Description: SquirrelMail is a standards-based...

SquirrelMail &lt; 1.4.7 - Arbitrary Variable Overwrite

SquirrelMail Arbitrary Variable Overwrite Vendor: SquirrelMail Product: SquirrelMail Version: = 1.4.7 Website: http://www.squirrelmail.org BID: 19486 CVE: CVE-2006-4019 OSVDB: 27917 SECUNIA: 21354 Description: SquirrelMail is a standards-based webmail package written in php. It includes built-in...

SquirrelMail 1.4.5-RC1 - Arbitrary Variable Overwrite

SquirrelMail 1.4.5-RC1 - Arbitrary Variable Overwrite SquirrelMail Arbitrary Variable Overwrite Vendor: The SquirrelMail Project Team Product: SquirrelMail Version: = 1.4.5-RC1 Website: http://www.squirrelmail.org/ BID: 14254 CVE: CVE-2005-2095 SECUNIA: 16058 PACKETSTORM: 38709 Description:...

Arbitrary Variable Overwrite in eShop WordPress Plugin

Advisory ID: HTB23255 Product: eShop WordPress plugin Vendor: Rich Pedley Vulnerable Versions: 6.3.11 and probably prior Tested Version: 6.3.11 Advisory Publication: April 15, 2015 without technical details Vendor Notification: April 15, 2015 Public Disclosure: May 6, 2015 Vulnerability Type: Cod...

WordPress Plugin eShop Arbitrary Variable Override Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on servers with PHP and MySQL. eShop is an accessible shopping cart WordPress plugin. An arbitrary variable override vulnerability exists in...

WordPress eShop 6.3.11 Code Execution

Advisory ID: HTB23255 Product: eShop WordPress plugin Vendor: Rich Pedley Vulnerable Versions: 6.3.11 and probably prior Tested Version: 6.3.11 Advisory Publication: April 15, 2015 without technical details Vendor Notification: April 15, 2015 Public Disclosure: May 6, 2015 Vulnerability Type: Cod...

Arbitrary Variable Overwrite in eShop WordPress Plugin

High-Tech Bridge Security Research Lab discovered security vulnerability in eShop WordPress Plugin, which can be exploited by remote attacker to overwrite arbitrary PHP variables within the context of the vulnerable application. The vulnerability exists due to insufficient validation of...

e107 <= 0.7.11 - Arbitrary Variable Overwriting Vulnerability

No description provided by source. GulfTech Security Research August 07, 2008 Vendor : Steve Dunstan URL : http://www.e107.org/ Version : e107 = 0.7.11 Risk : Arbitrary Variable Overwriting Description: e107 is a popular full featured content management system written in php. Unfortunately e107...

About Dedecms variable coverage exploits-vulnerability warning-the black bar safety net

Someone recently broke the dedecms variable coverage holes,it is also a quite interesting vulnerability, and in some cases dedecms this variable vulnerability to exist for so long in some people are many years,about six months ago I also independently discovered by 本文 [email protected] Write ...

boblog arbitrary variable overwrite vulnerability(II)-vulnerability warning-the black bar safety net

Previously 80vul. com published on a bo-blog of vulnerabilities1,this vulnerability has already been an official patch,but then the tick. com released a bypass patch Method2,shame is triggered when there is a certain limit,here I come again published a without any limitation bypassing the patch t...

boblog arbitrary variable overwrite vulnerability(a)-vulnerability warning-the black bar safety net

by Ryatpuretot mail: puretot at gmail dot com team: http://www.80vul.com Vulnerability code is as follows: // go.php $qurl=$SERVER"REQUESTURI"; @list$relativePath, $rawURL=@explode'/go.php/', $qurl; $rewritedURL=$rawURL; // from$SERVER"REQUESTURI",can be arbitrarily submitted:...

bo-blog任意变量覆盖漏洞

// go.php $qurl=$SERVER"REQUESTURI"; @list$relativePath, $rawURL=@explode'/go.php/', $qurl; $rewritedURL=$rawURL; // 来自$SERVER"REQUESTURI",可以任意提交的: ... $RewriteRules="/component/^/+/?/"; // 这个正则限制的不够细致,可以很轻易的绕过: ... $RedirectTo="page.php?pagealias=\1"; $i=0; foreach $RewriteRules as $rule if...

Sablog-X V2. X admin permissions spoofing and arbitrary variable overwrite vulnerability-vulnerability warning-the black bar safety net

Sablog-X is a PHP and MySQL build a blog system. Affected version:Sablog-X-2. x Said First admin permission spoofing vulnerability Due to the Sablog-x v2. x the back-end authentication process there is a serious logical problem, and leads to the special structure of the cookie log in directly to...