CVE-2022-45816 WordPress GD bbPress Attachments Plugin <= 4.3.1 is vulnerable to Cross Site Scripting (XSS)
Auth. Stored Cross-Site Scripting (XSS) vulnerability in GD bbPress Attachments plugin <= 4.3.1 on WordPress...
Cross-site scripting
Querybook is an open source data querying UI. In affected versions user provided data is not escaped in the error field of the auth callback URL in querybook/server/app/auth/oauth_auth.py and querybook/server/app/auth/okta_auth.py. This may allow attackers to perform reflected cross-site scripting...
CVE-2022-46151
CVE-2022-46151 affects Querybook, where user-provided data in the error field of the auth callback URL (oauth_auth.py and okta_auth.py) is not escaped, enabling reflected XSS if CSP is not enabled or unsafe-inline is allowed. Affected versions are before 3.14.2. Mitigation: upgrade to Querybook 3...
PT-2022-27768 · Querybook · Querybook
Name of the Vulnerable Software and Affected Versions: Querybook versions prior to 3.14.2 Description: The issue concerns Querybook, an open source data querying UI. In affected versions, user-provided data is not escaped in the error field of the auth callback URL in...
CVE-2022-3711
A post-auth read-only SQL injection vulnerability allows users to read non-sensitive configuration database contents in the User Portal of Sophos Firewall releases older than version 19.5 GA...
SQL injection
A post-auth read-only SQL injection vulnerability allows API clients to read non-sensitive configuration database contents in the API controller of Sophos Firewall releases older than version 19.5 GA...
CVE-2022-3696
The CVE-2022-3696 entry describes a post-auth code-injection vulnerability in Sophos Firewall Webadmin, affecting releases prior to 19.5 GA. The issue allows an administrator to execute code via the Webadmin interface with high impact (code execution, confidentiality/integrity/availability impa...
PT-2022-23706 · Sophos · Sophos Firewall
Name of the Vulnerable Software and Affected Versions: Sophos Firewall versions prior to 19.5 GA Description: A post-auth code injection issue allows admins to execute code in the Webadmin of Sophos Firewall. This issue does not specify the estimated number of potentially affected devices worldwi...
CVE-2022-3696
A post-auth code injection vulnerability allows admins to execute code in Webadmin of Sophos Firewall releases older than version 19.5 GA...
CVE-2022-46146
Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, if someone has access to a Prometheus web.yml file and users' bcrypted passwords, they can bypass security by poisoning the built-in authentication cache. Versions 0.7.2 and 0.8.2 contain a fix...
AZL-41992 CVE-2022-46146 affecting package prometheus-process-exporter for versions less than 0.8.2-1
UBUNTU-CVE-2022-46146
SQL Injection
org.opendaylight.aaa:aaa-idm-store-h2 is vulnerable to SQL Injection attacks. A specifically crafted attack statement through the deleteRole function in RoleStore.java allows a malicious user to inject and execute arbitrary SQL queries on the target system, when the API interface /auth/v1/roles/ ...
SQL Injection
org.opendaylight.aaa:aaa-idm-store-h2 is vulnerable to SQL Injection attacks. A specifically crafted attack statement through the deleteUser function in UserStore.java allows a malicious user to inject and execute arbitrary SQL queries on the target system, when the /auth/v1/users/ API interface ...
CVE-2022-45930
A SQL injection issue was discovered in AAA in OpenDaylight ODL before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/DomainStore.java deleteDomain function is affected for the /auth/v1/domains/ API interface...
CVE-2022-45363
Affected software: Muffingroup Betheme theme for WordPress (versions up to 26.6.1). The issue is a Stored Cross-Site Scripting (XSS) vulnerability in subscriber+ context, caused by insufficient sanitization/escaping of user input in the theme. Impact as stated: XSS could be triggered by authentic...
WordPress SMSA Shipping for WooCommerce premium plugin <= 1.0.4 - Auth. Arbitrary File Download vulnerability
Auth. Arbitrary File Download vulnerability discovered by WPScan in WordPress SMSA Shipping for WooCommerce premium plugin versions <= 1.0.4. Solution: Update the WordPress SMSA Shipping for WooCommerce plugin to the latest available version, at least 1.0.5...
Mozilla: Cross-Site Tracing was possible via non-standard override headers
The Mozilla Foundation Security Advisory describes this flaw as: Cross-Site Tracing occurs when a server will echo a request back via the Trace method, allowing an XSS attack to access authorization headers and cookies inaccessible to JavaScript, such as cookies protected by HTTPOnly. To mitiga...
CVE-2021-24649
The WP User Frontend WordPress plugin before 3.5.29 uses a user supplied argument called urhidden in its registration form, which contains the role for the account to be created with, encrypted via wpuf_encryption. This could allow an attacker having access to the AUTH_KEY and AUTH_SALT constant via...