Rapid7 Metasploit Framework Zip Import Directory Traversal

Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ‘Path Traversal’ in the Zip import function of Metasploit. Exploiting this vulnerability can allow an attacker to execute arbitrary code in Metasploit at the privilege level...

ExpertGPS 6.38 - XML External Entity Injection Vulnerability

Exploit for xml platform in category web applications + Exploit Title: ExpertGPS 6.38 - XML External Entity Injection + Exploit Author: Trent Gordon + Vendor Homepage: https://www.topografix.com/ + Software Link: http://download.expertgps.com/SetupExpertGPS.exe + Disclosed at: 7FEB2020 + Version:...

ExpertGPS 6.38 - XML External Entity Injection

ExpertGPS 6.38 - XML External Entity Injection + Exploit Title: ExpertGPS 6.38 - XML External Entity Injection + Date: 2019-12-07 + Exploit Author: Trent Gordon + Vendor Homepage: https://www.topografix.com/ + Software Link: http://download.expertgps.com/SetupExpertGPS.exe + Disclosed at: 7FEB202...

Open-Xchange: XSS - Guard - Insufficient escaping of User-IDs from PGP Keys

Vulnerability PGP user IDs are typically in form of name and OX Guard properly escapes angle brackets when inserting them to HTML. But in the code for displaying a list of keys it inserts IDs into HTML attributes without escaping double quote characters. javascript //...

Ruckus Wireless Unleashed emfd Arbitrary OS Command Execution Vulnerability

Ruckus Wireless Unleashed is a wireless virtual control device. The Ruckus Wireless Unleashed emfd admin/cmdstat.jsp fails to properly handle the xcmd=import-category attribute, which can be exploited by a remote attacker to submit a special POST request that can be used in the application contex...

CVE-2020-8417

The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu...

Cross site request forgery (csrf)

The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu...

DEBIAN-CVE-2015-0294

GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate...

CVE-2015-0294

GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate...

git: Arbitrary path overwriting via export-marks in-stream command feature

A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite arbitrary paths. An attacker can abuse this flaw if they can control the input passed to the fast-import command by using the export-marks feature and overwrite arbitrary...

CVE-2019-1348

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths...

ALPINE-CVE-2019-1348

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths...

DEBIAN-CVE-2019-1348

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths...

CVE-2019-1348

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths...

Sql injection

The MARC framework import/export function admin/importexportframework.pl in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 does not require authentication, which allows remote attackers to conduct SQL injection attacks via unspecified vectors...

CVE-2014-1924

The CVE-2014-1924 entry affects Koha’s MARC framework import/export function (admin/import_export_framework.pl). The vulnerability occurs in Koha versions before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3, where the import/export interface does not require auth...

CVE-2019-19839

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/cmdstat.jsp via the uploadFile attribute...

[SECURITY] [DLA 2059-1] git security update

Package : git Version : 1:2.1.4-2.1+deb8u8 CVE ID : CVE-2019-1348 CVE-2019-1349 CVE-2019-1352 CVE-2019-1353 CVE-2019-1387 Several vulnerabilities have been discovered in git, a fast, scalable, distributed revision control system. CVE-2019-1348 It was reported that the --export-marks option of git...

Jama Connect Cross-Site Scripting Vulnerability

Jama Connect is an application lifecycle management product that can be deployed in the cloud or installed on Mac and Windows devices. A cross-site scripting vulnerability exists in Jama Connect 8.44.0. The vulnerability can be exploited to conduct a cross-site scripting attack via the Select...

Uploading a malformed Word document and requesting it repeatedly renders Confluence unavailable.

h3. Issue Summary From the researcher: There is a Denial of Service issue in the "Import Word Document" functionality of Confluence Server. When importing a specially crafted word or openoffice document see attached Confluence will throw an java.lang.OutOfMemoryError:. Background: A Word document...