79 matches found
CVE-2019-18871
A path traversal in debug.php accessed via default.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to upload arbitrary files, leading to arbitrary remote code execution...
CVE-2019-18866
Unauthenticated SQL injection via the username in the login mechanism in Blaauw Remote Kiln Control through v3.00r4 allows a user to extract arbitrary data from the rkc database...
CVE-2019-18872
Weak password requirements in Blaauw Remote Kiln Control through v3.00r4 allow a user to set short or guessable passwords, e.g., 1 or 1234...
CVE-2019-18867
Browsable directories in Blaauw Remote Kiln Control through v3.00r4 allow an attacker to enumerate sensitive filenames and locations, including source code. This affects /ajax/, /common/, /engine/, /flash/, /images/, /Images/, /jscripts/, /lang/, /layout/, /programs/, and /sms/...
CVE-2019-18869
Leftover debug code in Blaauw Remote Kiln Control through v3.00r4 allows a user to execute arbitrary PHP code via /default.php?idx=17...
EUVD-2019-8562
Malware in sbrugna...
EUVD-2019-8566
Malware in sbrugna...
EUVD-2019-8561
Malware in sbrugna...
EUVD-2019-8565
Malware in sbrugna...
EUVD-2019-8559
Malware in sbrugna...
EUVD-2019-8564
Malware in sbrugna...
EUVD-2019-8563
Malware in sbrugna...
EUVD-2019-8567
Malware in sbrugna...
CVE-2019-18868
Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated attacker to access MySQL credentials in cleartext in /engine/db.inc, /lang/nl.bak, or /lang/en.bak...
CVE-2019-18864
/server-info and /server-status in Blaauw Remote Kiln Control through v3.00r4 allow an unauthenticated attacker to gain sensitive information about the host machine...
kiln-direct.com Cross Site Scripting vulnerability OBB-3957649
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Malicious code in kiln-desktop (npm)
Source: ghsa-malware (ced7fe4f98a9d76766dce93b281c2cb0bbefc77a4698e0cfe9a74686ddb1013a). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-7058 Malicious code in kiln-desktop (npm)
Source: ghsa-malware (ced7fe4f98a9d76766dce93b281c2cb0bbefc77a4698e0cfe9a74686ddb1013a). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Fedora: Security Advisory for kiln (FEDORA-2022-5038c3236c)
The remote host is missing an update for the...
[SECURITY] Fedora 36 Update: kiln-0.3.1-4.fc36
A simple static site generator. Features - Simple - Extensible - Gemini support - Atom feeds - Go templates...