
16 matches found

OSV · added 2026/01/26 11:34 p.m. · 2 views

GHSA-CR3W-CW5W-H3FJ Saltcorn's Reflected XSS and Command Injection vulnerabilities can be chained for 1-click-RCE

Summary: 1. There is a reflected XSS vulnerability in the GET /admin/edit-codepage/:name route through the name parameter. This can be used to hijack the session of an admin if they click a specially crafted link. 2. Additionally, there is a Command Injection vulnerability in GET /admin/backup. Th...

CVSS 9.6 · AI score 6
Exploits 0 · References 5
Snyk · added 2026/01/26 11:34 p.m. · 2 views

Cross-site Scripting (XSS)

Overview: @saltcorn/server is the server app for Saltcorn, an open-source no-code platform. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) and code execution via the name parameter on the /admin/edit-codepage endpoint and improper handling of backup password input to the...

CVSS 9.6 · AI score 6.3
Exploits 0 · References 3
Snyk · added 2026/01/26 11:34 p.m. · 2 views

Cross-site Scripting (XSS)

Overview: @saltcorn/admin-models provides the models required only by the admin interface of Saltcorn, an open-source no-code platform. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) and code execution via the name parameter on the /admin/edit-codepage endpoint and improper...

CVSS 9.6 · AI score 6.3
Exploits 0 · References 3
Snyk · added 2026/01/26 11:34 p.m. · 2 views

Cross-site Scripting (XSS)

Overview: @saltcorn/data provides the data models for Saltcorn, an open-source no-code platform. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) and code execution via the name parameter on the /admin/edit-codepage endpoint and improper handling of backup password input to the...

CVSS 9.6 · AI score 6.3
Exploits 0 · References 3
OSV · added 2024/10/12 11:09 a.m. · 1 view

OESA-2024-2248 php security update

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

CVSS 8.8 · AI score 7.5 · EPSS 0.02711
Exploits 5 · References 5
OSV · added 2024/10/08 4:15 a.m. · 30 views

CVE-2024-8926

In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, when using certain non-standard configurations of Windows codepages, the fixes for CVE-2024-4577 (https://github.com/advisories/GHSA-vxpp-6299-mxw3) may still be bypassed and the same command injection related to Windows...

CVSS 8.8 · AI score 7.8
Exploits 0 · References 2
OSV · added 2024/10/08 4:15 a.m. · 1 view

DEBIAN-CVE-2024-8926

In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, when using certain non-standard configurations of Windows codepages, the fixes for CVE-2024-4577 (https://github.com/advisories/GHSA-vxpp-6299-mxw3) may still be bypassed and the same command injection related to Windows...

CVSS 8.8 · AI score 7.3 · EPSS 0.02711
Exploits 2 · References 1
Hacker One · added 2024/06/13 10:01 a.m. · 54 views

curl: Unicode-to-ASCII conversion on Windows can lead to argument injection and more

Vulnerability description not provided...

AI score 7.1
Exploits 0
OSV · added 2023/08/21 2:00 p.m. · 7 views

OSV-2023-717 Heap-buffer-overflow in bit_TV_to_utf8_codepage

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61593 Crash type: Heap-buffer-overflow READ 1 Crash state: bit_TV_to_utf8_codepage bit_TV_to_utf8 dwg_decode_LAYOUT_private...

AI score 7.2
Exploits 0 · References 1
Securelist · added 2020/08/13 10:00 a.m. · 557 views

CactusPete APT group’s updated Bisonal backdoor

CactusPete, also known as Karma Panda or Tonto Team, is an APT group that has been publicly known since at least 2013. Some of the group's activities have been previously described in public by multiple sources. We have been investigating and privately reporting on this group's activity for years as...

CVSS 7.6 · EPSS 0.94283
Exploits 9
Positive Technologies · added 2019/06/02 12:00 a.m. · 2 views

PT-2024-6535 · Php +2

Name of the Vulnerable Software and Affected Versions: PHP versions 8.1.* through 8.1.29; PHP versions 8.2.* through 8.2.23; PHP versions 8.3.* through 8.3.11. Description: The issue exists due to the failure to neutralize special elements in the PHP interpreter. This may allow a malicious user to pass...

CVSS 10 · AI score 6.3 · EPSS 0.94374
Exploits 89 · References 180
Tenable Nessus · added 2018/01/15 12:00 a.m. · 58 views

Fedora 27 : glibc (2017-0d3fdd3d1f)

This update adds support for the IBM858 codepage (RHBZ#1416405). It moves the nss_compat NSS service module to the main glibc package (RHBZ#1400538). As a security hardening measure, stdio streams are no longer flushed on process abort/assertion failure (RHBZ#1498880). /var/db/Makefile is now included in t...

CVSS 9.8 · AI score 6.8 · EPSS 0.00231
Exploits 0 · References 3
Packet Storm · added 2010/12/29 12:00 a.m. · 18 views

Ad Muncher 4.81 Cross Site Scripting

Hello Full-Disclosure! I want to warn you about a Cross-Site Scripting vulnerability in Ad Muncher. In May I already wrote about a universal XSS in Ad Muncher (http://websecurity.com.ua/4202/), which allowed conducting XSS attacks on any site in any browser, and which existed in versions before Ad Munche...

AI score 0.3
Exploits 0
securityvulns · added 2009/03/06 12:00 a.m. · 50 views

Multiple browsers inherited charset cross-site scripting

If a page with an undefined charset is displayed in a frame, the codepage of the parent page is used. This makes it possible to conduct a cross-site scripting attack with e.g. the UTF-7, EUC-JP or SHIFTJIS charset...

CVSS 5.8 · AI score 2.7 · EPSS 0.21575
Exploits 0 · References 4 · Affected Software 2
securityvulns · added 2006/06/22 12:00 a.m. · 35 views

Microsoft Internet Explorer filtering protection bypass

For the ASCII codepage, 8-bit text is converted to 7-bit. This makes it possible to bypass content filters using 8-bit characters within ASCII-encoded text...

AI score 3.3
Exploits 0 · References 2 · Affected Software 1
securityvulns · added 2004/03/30 12:00 a.m. · 55 views

courier-imap buffer overflow

Buffer overflow during character codepage conversions...

AI score 5.3
Exploits 0 · References 1 · Affected Software 1