2022 matches found
Concrete CMS: Stored XSS vulnerability in RSS Feeds Description field
Intro "Pirates of the Crayons" Type of issue: Core CMS issue Level of severity: Internal Attack Vector Concrete5 version: 8.2.0 RC2 rev. b54f2b451f0a0804699c4cf9f0b3a8fef0e407db July 10th Summary There is a Stored XSS vulnerability in the RSS Feeds Description property. Value of the textarea is not...
Concrete CMS: Stored XSS in Name field in User Groups/Group Details form
Intro "The Crayons of Madagascar" Type of issue: Core CMS issue Level of severity: Internal Attack Vector Concrete5 version: 8.2.0 RC2 rev. 32c9daf352645d4fafedb7b956e7f2de4e153ab3 Summary There is a Stored XSS vulnerability in the User Groups-Group Details Name field. This vulnerability might be used ...
Concrete CMS: Stored XSS in Private Messages 'Reply' allows to execute malicious JavaScript against any user while replying to the message which contains payload
Intro "Back to the Crayons" Type of issue: Core CMS issue Level of severity: External Attack Vector Concrete5 version: 8.2.0 RC2 rev. 32c9daf352645d4fafedb7b956e7f2de4e153ab3 July 8th Summary There is a Stored XSS vulnerability in the Private Messages 'Reply' feature, when the original message is quoted in...
Devmode Remote Command Execution Vulnerability in Elevator Engineering Management System
Elevator project management system is to establish an informatization system applicable to elevator enterprises, which collects elevator business data from various departments in time, has good data communication and exchange capability, standardized management process, unified management model,...
Solarwinds LEM 6.3.1 Hardcoded Credentials Vulnerability
Exploit for linux platform in category local exploits Title: Solarwinds LEM Hardcoded Credentials Advisory ID: KL-001-2017-015 Publication Date: 2017.07.06 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-015.txt 1. Vulnerability Details Affected Vendor: Solarwinds...
Solarwinds LEM Hardcoded Credentials
Vulnerability Details Affected Vendor: Solarwinds Affected Product: Log and Event Manager Virtual Appliance Affected Version: v6.3.1 Platform: Embedded Linux CWE Classification: CWE-798: Use of Hard-coded Credentials Impact: Unintended Access Attack vector: Local 2. Vulnerability Description The...
SA151: ImageMagick RCE Vulnerability (ImageTragick)
SUMMARY Symantec Network Protection products using affected versions of ImageMagick are susceptible to the ImageTragick security vulnerability. A remote attacker can send crafted images and execute arbitrary code on the target. AFFECTED PRODUCTS The following products are vulnerable: Security...
CVE-2017-1347
IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 126462...
Code execution vulnerability in finecms
FineCMS is an efficient and simple small and medium-sized content management system based on the PHP+MySql+CI framework. A code execution vulnerability exists in finecms. An attacker can exploit the vulnerability to get a shell...
Google Android has an unspecified vulnerability (CNVD-2017-13247)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance (OHA). A security vulnerability exists in the DRM provisioning command parsing process in Android. An attacker can exploit this vulnerability to perform unauthorized operations...
Windows Uniscribe Remote Code Execution Vulnerability
A remote code execution vulnerability exists due to the way Windows Uniscribe handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accoun...
Fastspot BigTree CMS SQL Injection Vulnerability (CNVD-2017-08704)
Fastspot BigTree CMS is an open source content management system (CMS) based on PHP and MySQL, from the US company Fastspot. Fastspot BigTree CMS 4.2.18 and earlier versions of the core\admin\modules\developer\extensions\install\process.php file and core\admin\modules\developer\ An SQL injection...
SQL injection
SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2380hw6580hw2710hw31350hw22500-7.0.1-build2093. An attack vector is the bauth cookie to cgi-bin/MANGA/admin.cgi. One impact is enumeration of user accounts by observing whether a sessi...
Cross site scripting
Cross-site scripting (XSS) vulnerability in Allen Disk 1.6 allows remote authenticated users to inject arbitrary web script or HTML persistently by uploading a crafted HTML file. The attack vector is the content of this file, and the filename must be specified in the PATHINFO to readfile.php...
XSS'OR - Hack with JavaScript
XSS'OR is a free online tool for hacking with JavaScript. It contains three major modules: 1. Encode/Decode The Encode/Decode module, including: front-end encryption and decryption; code compression, decompression, beautification, the implementation of testing; character set conversion, hash...
CVE-2017-4013
Banner Disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to obtain product information via HTTP response header...
CVE-2017-8897
Invision Power Services IPS Community Suite 4.1.19.2 and earlier has pre-auth reflected XSS in the IPS UTF8 Converter v1.1.18: admin/convertutf8/index.php?controller= is the attack vector. This UTF8 Converter vulnerability can easily be used to make a malicious announcement affecting any Invision...
CVE-2017-8791
CVE-2017-8791 affects Accellion FTA devices prior to FTA_9_12_180. The vulnerability is a CRLF injection in the login page parameter path: home/seos/courier/login.html auth_params, allowing a remote attacker to trigger a CRLF-based attack. Public sources in CNVD/NVD confirm a remote-exploitation ...
Weblate: session id missing secure flag - Hosted Website
Hey folks, looks like the sessionid cookie handles the session id but misses the Secure flag. Cookies without this flag will be transmitted over an unencrypted channel and let man-in-the-middle attackers grab the value. Attack Vector - Attacker passes a http:// hosted website link - Victim clicks the...