Cross site scripting

Kirby is a content management system. In Kirby CMS versions 3.5.5 and 3.5.6, the Panel's ListItem component used in the pages and files section for example displayed HTML in page titles as it is. This could be used for cross-site scripting XSS attacks. Malicious authenticated Panel users can...

CVE-2020-27361

An issue exists within Akkadian Provisioning Manager 4.50.02 which allows attackers to view sensitive information within the /pme subdirectories...

Infoblox NIOS 安全漏洞

Infoblox NIOS is an operating system that powers Infoblox core network services. It ensures uninterrupted operation of the network infrastructure. A security vulnerability exists in Infoblox NIOS versions prior to 8.5.2, which stems from a program that allows entity expansion during an XML upload...

Zenly: Friend Request Flow Exposes User Data

Summary: When submitting a friend request to a user, Zenly will allow access to their phone number regardless of whether the friend request is accepted or not. To obtain this information, a malicious actor only needs to know their username. Steps To Reproduce: To reproduce this issue, an...

Improper input validation in CNCF Cortex

The Alertmanager in CNCF Cortex before 1.8.1 has a local file disclosure vulnerability when -experimental.alertmanager.enable-api is used. The HTTP basic auth passwordfile can be used as an attack vector to send any file content via a webhook. The alertmanager templates can be used as an attack...

SQL Injection Vulnerability in the Equipment Management System of Shenzhen Chaohenghui Technology Co.

LELIGHT is the brand of wireless network series products independently developed by Shenzhen Chaohanghui Network Technology Co., Ltd, which covers: intelligent gateway, digital bridge, intelligent wireless router, POE switch and so on. Shenzhen Chaohanghui Equipment Management System has a SQL...

Threat Actors Use Google Docs to Host Phishing Attacks

Threat actors are exploiting Google Docs by hosting their attacks within the web-based document service in a new phishing campaign that delivers malicious links aimed at stealing victims’ credentials. Researchers at email and collaboration security firm Avanan discovered the campaign, which is th...

Nextcloud Android app 信息泄露漏洞

Nextcloud Android app is an Android-based mobile application from Nextcloud Germany for accessing Nextcloud servers. The Nextcloud Android app suffers from an information disclosure vulnerability that can be exploited by an attacker to gain access to shared preference information in the Nextcloud...

PT-2021-19395 · Opentext · Opentext Brava! Desktop

Name of the Vulnerable Software and Affected Versions: OpenText Brava! Desktop version 16.6.4.55 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file...

Adobe Acrobat Reader DC XFA Template Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

Integer overflow

An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR...

SAP NetWeaver Application Server 跨站脚本漏洞

SAP NetWeaver Application Server is an application server from SAP, Germany. A cross-site scripting vulnerability exists in SAP NetWeaver Application Server, which can be exploited by an attacker to launch a cross-site scripting attack...

Quiz And Survey Master < 7.1.18 - Reflected Cross-Site Scripting (XSS)

The plugin did not sanitise or escape its resultid parameter when displaying an existing quiz result page, leading to a reflected Cross-Site Scripting issue. This could allow for privilege escalation by inducing a logged in admin to open a malicious link...

Path traversal

Envoy is a cloud-native edge/middle/service proxy. Envoy does not decode escaped slash sequences %2F and %5C in HTTP URL paths in versions 1.18.2 and before. A remote attacker may craft a path with escaped slashes, e.g. /something%2F..%2Fadmin, to bypass access control, e.g. a block on /admin. A...

PT-2021-13833 · Red Hat · Keycloak

Name of the Vulnerable Software and Affected Versions: keycloak versions prior to 13.0.0 Description: A flaw in keycloak allows for a Self Stored XSS attack vector, which can escalate to a complete account takeover. This is due to user-supplied data fields not being properly encoded and the use o...

Gadget Works Online Ordering System 1.0 - (Category) Persistent Cross-Site Scripting Vulnerability

Exploit Title: Gadget Works Online Ordering System 1.0 - 'Category' Persistent Cross-Site Scripting XSS Exploit Author: Vinay H C Vendor Homepage: https://www.sourcecodester.com/ Software Link: https://www.sourcecodester.com/php/13093/gadget-works-online-ordering-system-phpmysqli.html Version: 1....

The Gig Economy Creates Novel Data-Security Risks

As businesses strive to move faster and faster, many are adopting a “just-in-time” strategy of spinning up human resources on demand – a phenomenon known as the gig economy, familiar to most via Uber, Instacart or DoorDash. But it’s a concept that enterprises are embracing too – inadvertently...

PT-2021-5464 · Apache +8 · Apache Http Server +8

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.4.41 through 2.4.46 Description: The issue is related to the mod proxy http function in the Apache HTTP Server, which can be made to crash due to a NULL pointer dereference when handling specially crafted request...

COVID19 Testing Management System 1.0 - SQL Injection (Auth Bypass) Vulnerability

Exploit Title: COVID19 Testing Management System 1.0 - SQL Injection Auth Bypass Exploit Author: Rohit Burke Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/covid19-testing-management-system-using-php-and-mysql/ Version: 1.0 Tested on: Windows 10 SQL Injection:...

COVID19 Testing Management System 1.0 SQL Injection

Exploit Title: COVID19 Testing Management System 1.0 - SQL Injection Auth Bypass Date: 19/05/2021 Exploit Author: Rohit Burke Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/covid19-testing-management-system-using-php-and-mysql/ Version: 1.0 Tested on: Windows 10 SQL...