Lucene search

13 matches found

OSV
added 2026/04/03 4:00 a.m., 2 views

GHSA-VR2G-RHM5-Q4JR CI4MS: Profile & User Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary. Vulnerability 1: Stored DOM XSS via Profile Name Update (Persistent Payload Injection). Stored Cross-Site Scripting via Unsanitized User Name in Profile Management. Description: The application fails to properly sanitize user-controlled input when users update their profile name, e.g., full...

CVSS 9.4, AI score 6, EPSS 0.0005
Exploits: 1, References: 3
Github Security Blog
added 2026/04/03 4:00 a.m., 3 views

CI4MS: Profile & User Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary. Vulnerability 1: Stored DOM XSS via Profile Name Update (Persistent Payload Injection). Stored Cross-Site Scripting via Unsanitized User Name in Profile Management. Description: The application fails to properly sanitize user-controlled input when users update their profile name, e.g., full...

CVSS 9.4, AI score 6, EPSS 0.0005
Exploits: 1, References: 3, Affected Software: 1
CNNVD
added 2026/02/03 12:00 a.m., 3 views

ASUSTOR ADM security vulnerability

ASUSTOR ADM is a dedicated operating system developed by ASUSTOR Technology (ASUSTOR) for all ASUSTOR NAS devices. Vulnerabilities exist in versions 4.1.0 to 4.3.3.ROF1, and from version 5.0.0 to 5.1.1.RCI1 of ASUSTOR ADM. These vulnerabilities stem from the DDNS update feature not correctly...

CVSS 8.9, AI score 7.1, EPSS 0.00014
Exploits: 0, References: 1
Patchstack
added 2026/02/02 6:42 a.m., 5 views

WordPress Ultimate Coming Soon & Maintenance plugin <= 1.0.9 - Missing Authorization to Authenticated (Subscriber+) Template Name Update vulnerability

Missing Authorization to Authenticated (Subscriber+) Template Name Update vulnerability discovered by Tieu Pham Trong Nhan (TechlabCorp) in WordPress Plugin Ultimate Coming Soon & Maintenance versions <= 1.0.9...

CVSS 4.3, AI score 7.3, EPSS 0.00135
Exploits: 0, References: 1, Affected Software: 1
Vulnrichment
added 2024/12/06 8:24 a.m., 7 views

CVE-2024-9705 Ultimate Coming Soon & Maintenance <= 1.0.9 - Missing Authorization to Authenticated (Subscriber+) Template Name Update

The Ultimate Coming Soon & Maintenance plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ucsm_update_template_name_lite' function in all versions up to, and including, 1.0.9. This makes it possible for authenticated attackers, with...

CVSS 4.3, AI score 6.5, EPSS 0.00135
Exploits: 0, References: 3
Patchstack
added 2024/05/15 5:34 a.m., 3 views

WordPress SP Project & Document Manager plugin <= 4.70 - Authenticated (Subscriber+) Arbitrary Folder Name Update vulnerability

Authenticated (Subscriber+) Arbitrary Folder Name Update vulnerability discovered by fewwords huang in WordPress Plugin SP Project & Document Manager versions <= 4.70...

CVSS 4.3, AI score 7, EPSS 0.00199
Exploits: 0, References: 1, Affected Software: 1
OSV
added 2024/02/29 6:15 a.m., 1 view

DEBIAN-CVE-2023-52478

In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect. hidpp_connect_event() has four time-of-check vs time-of-use (TOCTOU) races when it races with itself. hidpp_connect_event() primarily runs from a workqueue but it also runs o...

CVSS 4.7, AI score 5.4, EPSS 0.00006
Exploits: 0, References: 1
OpenVAS
added 2020/05/06 12:00 a.m., 85 views

osTicket < 1.12.6, 1.14.0 < 1.14.2 XSS Vulnerability

osTicket is prone to a cross-site scripting (XSS) vulnerability. Copyright (C) 2020 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software...

CVSS 5.4, AI score 5.3, EPSS 0.00274
Exploits: 1, References: 2
Hacker One
added 2020/01/23 5:07 a.m., 198 views

h1-ctf: [h1-415 2020] Spent a week and failed at solving the last step.

Summary: I found something interesting with headless Chrome debugging in the last step. I am sure I am going to solve this after trying very hard for about a week; I don't know when this CTF is going to end, that's why I am submitting a summary of how to solve this so that I can write the full...

AI score 7
Exploits: 0
Packet Storm
added 2014/12/16 12:00 a.m., 46 views

Elefant CMS 1.3.9 Cross Site Scripting

Document Title: Elefant CMS v1.3.9 - Persistent Name Update Vulnerability. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1365. Release Date: 2014-12-03. Vulnerability Laboratory ID (VL-ID): ...

AI score 0.2
Exploits: 0
Vulnerability Lab
added 2014/12/03 12:00 a.m., 47 views

Elefant CMS v1.3.9 - Persistent Name Update Vulnerability

Document Title: Elefant CMS v1.3.9 - Persistent Name Update Vulnerability. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1365. Release Date: 2014-12-03. Vulnerability Laboratory ID (VL-ID): ...

AI score 7.1
Exploits: 0
Tenable Nessus
added 2011/01/12 12:00 a.m., 7 views

HP-UX Security Patch : PHSS_27002

X OV NNM6.2 iface selection name update. %NASL_MIN_LEVEL 70300. (C) Tenable Network Security, Inc. if (!defined_func("bn_random")) exit(0); include("deprecated_nasl_level.inc"); include("compat.inc"); if (description) { script_id(51489); script_version("1.5"); script_set_attribute(attribute:"plugin_modification_date", ...

AI score 7
Exploits: 0
RedHat Linux
added 2006/08/09 12:00 a.m., 1 view

Low: Red Hat Enhancement Advisory: oprofile enhancement update

An oprofile enhancement update that provides support for POWER5+ and uses the current event names for POWER4 and POWER5 is now available. The oprofile package contains a profiling system for systems running the Linux kernel. Profiling runs transparently in the background while profile data is...

CVSS 7.2, AI score 5.8, EPSS 0.00073
Exploits: 0