Digital Publications by Supsystic < 1.6.12 - Authenticated Path Traversal
The "Folder" tab under "Publications" is vulnerable to path traversal and exposes limited information; for example, the user can gain information regarding images stored outside of the WordPress blog, i.e., home directories. PoC: Enter the following payload into the "Folder" input field of a...
Millewin 13.39.146.1 - Local Privilege Escalation Vulnerability
Exploit Title: Millewin 13.39.146.1 - Local Privilege Escalation Author: Andrea Intilangelo Vendor Homepage: https://www.millewin.it Software Homepage: https://www.millewin.it/index.php/prodotti/millewin Software Link: https://download.millewin.it/files/Millewin/setup/InstMilleDemo13.392019PS.exe...
Trojan-Spy.Win32.WebCenter.a Information Disclosure
Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/e3cf225a94c6be5a26fc21a1ec83f418.txt Media: twitter.com/malvuln Threat: Trojan-Spy.Win32.WebCenter.a Vulnerability: Information Disclosure Description: The trojan creates a...
Luxion KeyShot Path Traversal Vulnerability
Luxion KeyShot is a software for designing photos of 3D scenes from Luxion USA. The software enables a real-time 3D rendering workflow that displays results immediately and reduces the time required to create photorealistic product photos. A path traversal vulnerability exists in the Luxion KeySh...
CVE-2020-29582
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions...
Code injection
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permissions...
CVE-2020-29582
CVE-2020-29582 : In JetBrains Kotlin prior to 1.4.21, a vulnerable Java API was used for temporary file and folder creation, enabling an attacker to read data from those files and list directories due to insecure permissions. Affected product: Kotlin/JetBrains Kotlin (pre-1.4.21). Root cause: ins...
(0Day) Microsoft Windows PowerShell Shell Handler Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the shell handle...
openSUSE Security Update : virtualbox (openSUSE-2021-165)
This update for virtualbox fixes the following issues: Version update to 6.1.18 released January 19 2021 This is a maintenance release. The following items were fixed and/or added: - Nested VM: Fixed hangs when executing SMP nested-guests under certain conditions on Intel hosts bug 19315, 19561...
Security update for virtualbox (important)
openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2021:0165-1 Rating: important References: 1181197 1181198 Cross-References: CVE-2021-2074 CVE-2021-2129 Affected Products: openSUSE Leap 15.2 An update that fixes two vulnerabilities is now available. Descriptio...
CVE-2021-3178
A flaw was found in the Linux kernel's NFS3 functionality: the file handle for the parent directory is leaked when a user calls READDIRPLUS. A local user could use this flaw to traverse to parts of the file system other than the mounted sub-folder. Mitigation: When export subdirectory of a filesystem,...
Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452
UPDATE Oct. 28, 2021: Mandiant has recently observed targeted threat actors using EWS impersonation via the ApplicationImpersonation role to maintain persistent access to mailboxes in victim environments. Once the threat actor has access to this role, its abuse is hard to detect and provides the...
CVE-2021-23837
An issue was discovered in flatCore before 2.0.0 build 139. A time-based blind SQL injection was identified in the selectedfolder HTTP request body parameter for the acp interface. The affected parameter which retrieves the file contents of the specified folder was found to be accepting malicious...
Joomla! 1.7.x < 3.9.23 Multiple Vulnerabilities
According to its self-reported version, the instance of Joomla! running on the remote web server is 1.7.x prior to 3.9.23. It is, therefore, affected by multiple vulnerabilities. - The autosuggestion feature of comfinder did not respect the access level of the corresponding terms. - The global...
Mail.ru: todo.mail.ru open .git
todo.mail.ru landing .git folder was publicly accessible...
PT-2021-11722 · Quest · Quest Policy Authority
Name of the Vulnerable Software and Affected Versions: Quest Policy Authority version 8.1.2.200 Description: The issue allows attackers to inject malicious code into the browser via a specially crafted link to the "PolicyAuthority/Common/FolderControl.jsp" file using the unqID parameter. This...
Quest Policy Authority Cross-Site Scripting Vulnerability
Quest Software Policy Authority For Unified Communications is a software from Quest Software, Inc. that is used in enterprise environments to consolidate communication data between various media text and instant messaging, videoconferencing, email and voicemail. A cross-site scripting vulnerabili...
CVE-2020-35112
If a user downloaded a file lacking an extension on Windows, and then "Open"-ed it from the downloads panel, if there was an executable file in the downloads directory with the same name but with an executable extension such as .bat or .exe that executable would have been launched instead. Note:...