27 matches found
EUVD-2017-14082
Malware in sbrugna...
VICIdial Authenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VICIdial Authenticated Remote Code Execution', 'Description' = %q An attacker with authenticated access to VICIdial as an "agent" can execute...
CVE-2024-8504 VICIdial Authenticated Remote Code Execution
An attacker with authenticated access to VICIdial as an "agent" can execute arbitrary shell commands as the "root" user. This attack can be chained with CVE-2024-8503 to execute arbitrary shell commands starting from an unauthenticated perspective...
CVE-2024-8504
CVE-2024-8504 is an authenticated Remote Code Execution in VICIdial (v2.14-917a) via OS command injection. An attacker with agent-level access can run commands as root; the issue can be chained with CVE-2024-8503 (unauthenticated SQLi) to escalate from unauthenticated context. Public sources conf...
GHSA-2JCH-QC96-9F5G Flowise Cross-site Scripting in api/v1/chatflows/id
Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, a reflected cross-site scripting vulnerability occurs in the api/v1/chatflows/id endpoint. If the default configuration is used unauthenticated, an attacker may be able to craft a...
Flowise Cross-site Scripting in /api/v1/chatflows-streaming/id
Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, a reflected cross-site scripting vulnerability occurs in the /api/v1/chatflows-streaming/id endpoint. If the default configuration is used unauthenticated, an attacker may be able...
CVE-2024-37145 GHSL-2023-247: Flowise xss in /api/v1/chatflows-streaming/id
Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, a reflected cross-site scripting vulnerability occurs in the /api/v1/chatflows-streaming/id endpoint. If the default configuration is used unauthenticated, an attacker may be able...
CSRF token exposure in TYPO3 extension
When using the CsrfTokenViewHelper the extension discloses the user's session identifier to HTML output without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - like for instance Cross Site...
Sensitive Information Disclosure in “Extbase Yaml Routes” (routes)
When using the CsrfTokenViewHelper the extension discloses the user's session identifier to HTML output without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - like for instance Cross Site...
Sql injection
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 user session identifiers were stored in cleartext - without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited...
CVE-2021-21339
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 6.2.57, 7.6.51, 8.7.40, 9.5.25, 10.4.14, 11.1.1 user session identifiers were stored in cleartext - without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited...
Cleartext storage of session identifier
Problem User session identifiers were stored in cleartext - without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - like for instance SQL injection in any other component of the system...
PT-2021-14433 · Typo3 · Typo3
Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 6.2.57 TYPO3 versions prior to 7.6.51 TYPO3 versions prior to 8.7.40 TYPO3 versions prior to 9.5.25 TYPO3 versions prior to 10.4.14 TYPO3 versions prior to 11.1.1 Description: The issue concerns user session identifier...
Cleartext storage of session identifier
User session identifiers were stored in cleartext - without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - like for instance SQL injection in any other component of the system...
Exploit for CVE-2020-23160
Pyrescom-Termod-PoC This is the Proof-of-concept exploit code...
GHSA-954J-F27R-CJ52 Cleartext storage of session identifier
User session identifiers were stored in cleartext - without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - like for instance SQL injection in any other component of the system. Solution...
Cleartext storage of session identifier
User session identifiers were stored in cleartext - without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - like for instance SQL injection in any other component of the system. Solution...
Sql injection
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.23 and 10.4.10 user session identifiers were stored in cleartext - without processing with additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in...
PT-2020-16357 · Typo3 · Typo3
Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 9.5.23 TYPO3 versions prior to 10.4.10 Description: The issue concerns user session identifiers being stored in cleartext without additional cryptographic hashing algorithms. This cannot be exploited directly and occur...
Cleartext storage of session identifier
User session identifiers were stored in cleartext - without processing of additional cryptographic hashing algorithms. This vulnerability cannot be exploited directly and occurs in combination with a chained attack - like for instance SQL injection in any other component of the system...