58 matches found
CVE-2022-23046
CVE-2022-23046 : PhpIPAM v1.4.4 enables an authenticated admin to inject SQL via the subnet parameter when searching in app/admin/routing/edit-bgp-mapping-search.php. Root cause is SQL injection reachable through the subnet field with authenticated access, potentially exposing database informatio...
PT-2022-1466 · Phpipam · Phpipam
Name of the Vulnerable Software and Affected Versions: PhpIPAM version 1.4.4 Description: The issue is related to the lack of protection against SQL query structure manipulation when handling the subnet parameter in the app/admin/routing/edit-bgp-mapping-search.php component of the phpipam web...
CVE-2021-41916
A Cross-Site Request Forgery CSRF vulnerability in webTareas version 2.4 and earlier allows a remote attacker to create a new administrative profile and add a new user to the new profile. without the victim's knowledge, by enticing an authenticated admin user to visit an attacker's web page...
CVE-2021-21574
Dell BIOSConnect feature contains a buffer overflow vulnerability. An authenticated malicious admin user with local access to the system may potentially exploit this vulnerability to run arbitrary code and bypass UEFI restrictions...
Remote code execution
Zoho ManageEngine Applications Manager 14710 and before allows an authenticated admin user to upload a vulnerable jar in a specific location, which leads to remote code execution...
CVE-2020-19891
DBHcms v1.2.0 has an Arbitrary file write vulnerability in dbhcms\mod\mod.editor.php $POST'updatefile' is filename and $POST'tinymcecontent' is file content, there is no filter function for security. A remote authenticated admin user can exploit this vulnerability to get a webshell...
CVE-2020-8500
DISPUTED In Artica Pandora FMS 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the Updater or Extension component. NOTE: The vendor reports that this is intended functionality. Recent assessments: J3rryBl4nks at March 03, 2020 7:47pm UTC reported: Due to the fact tha...
CVE-2020-9335
Multiple stored XSS vulnerabilities exist in the 10Web Photo Gallery plugin before 1.5.46 WordPress. Successful exploitation of this vulnerability would allow a authenticated admin user to inject arbitrary JavaScript code that is viewed by other users...
Cross site scripting
Multiple stored XSS vulnerabilities exist in the 10Web Photo Gallery plugin before 1.5.46 WordPress. Successful exploitation of this vulnerability would allow a authenticated admin user to inject arbitrary JavaScript code that is viewed by other users...
CVE-2019-8148
A stored cross-site scripting XSS vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can inject arbitrary JavaScript code when creating a content page via page builder...
CVE-2019-8119
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated admin user with import product privileges can delete files through bulk product import and inject code into XSLT file. The combination of these...
CVE-2019-8126
An XML entity injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can craft document type definition for an XML representing XML layout. The crafted document type definition and XML layout allow processing of external...
Remote code execution
A remote code execution vulnerability exists in Magento 1 prior to 1.9.x and 1.14.x. An authenticated admin user can modify configuration parameters via crafted support configuration. The modification can lead to remote code execution...
Remote code execution
A remote code execution vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3. An authenticated admin user with privileges to access product attributes can leverage layout updates to trigger remote code execution...
CVE-2019-8125
A remote code execution vulnerability exists in Magento 1 prior to 1.9.x and 1.14.x. An authenticated admin user can modify configuration parameters via crafted support configuration. The modification can lead to remote code execution...
CVE-2019-8119
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated admin user with import product privileges can delete files through bulk product import and inject code into XSLT file. The combination of these...
Vanilla: Vanilla Forums Gdn_Format unserialize() Remote Code Execution Vulnerability
Summary: An authenticated admin user can trigger a call to unserialize which can allow an attacker to gain remote code execution. Description: Please bare with me on this one, it's heavy. Ok, so after setting a Garden.TouchIcon setting it can be several settings, this is just an example of one we...
Promise NAS NS4300N GUI bug
List, There is a bug in the Promise NAS NS4300N web GUI firmware version 1.1.0.5 which allows an authenticated admin user to change the password of the 'root' account. The user management portion of the web interface allows the admin user to change user's passwords. The PHP script that handles th...