26 matches found
Arbitrary Code Injection
Overview PraisonAI is an AI Agents Framework with Self Reflection. PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...
Nhost Leaks Refresh Tokens via URL Query Parameter in OAuth Provider Callback
Refresh Token Leaked via URL Query Parameter in OAuth Provider Callback Summary The auth service's OAuth provider callback flow places the refresh token directly into the redirect URL as a query parameter. Refresh tokens in URLs are logged in browser history, server access logs, HTTP Referer...
[SECURITY] Fedora 40 Update: oath-toolkit-2.6.12-1.fc40
The OATH Toolkit provides components for building one-time password authentication systems. It contains shared libraries, command line tools and a PAM module. Supported technologies include the event-based HOTP algorithm RFC4226 and the time-based TOTP algorithm RFC6238. OATH stands for Open...
CVE-2023-33105 Configuration Issue in WLAN Host and Firmware
Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number...
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a denial of service in the WLAN host and firmware when a large number of open authentication frames with invalid transaction sequence numbers are sent...
PT-2024-12411 · Wlan Host +1 · Wlan Host +1
Name of the Vulnerable Software and Affected Versions: WLAN Host and Firmware affected versions not specified Description: The issue is related to a transient Denial of Service DOS in WLAN Host and Firmware. This occurs when a large number of open authentication frames are sent with an invalid...
PaulPrinting CMS - (Search Delivery) Cross Site Scripting
Exploit Title: PaulPrinting CMS - Search Delivery Cross Site Scripting References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2286 Release Date: ============= 2023-07-17 Vulnerability Laboratory ID VL-ID: ==================================== 2286 Common...
Webile 1.0.1 Directory Traversal
Document Title: =============== Webile v1.0.1 - Directory Traversal Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2320 Release Date: ============= 2022-10-10 Vulnerability Laboratory ID VL-ID: ==================================== 232...
org.apereo.cas:cas-server-support-oauth (>=6.1.0-RC2 <=6.1.0-RC4), org.apereo.cas:cas-server-support-oauth-core (>=6.1.0-RC2 <=6.1.0-RC4) +5 more potentially affected by CVE-2019-10754 via org.apereo.cas:cas-server-support-oauth-core-api (>=6.1.0-RC2 <=6.1.0-RC4)
org.apereo.cas:cas-server-support-oauth-core-api MAVEN version =6.1.0-RC2, =6.1.0-RC2, =6.1.0-RC2, =6.1.0-RC2, =6.1.0-RC2, =6.1.0-RC2, =6.1.0-RC2, =6.1.0-RC2, =6.1.0-RC4 Source cves: CVE-2019-10754 Source advisory: OSV:GHSA-G24W-373R-5PXG...
SIGE (Joomla) 3.4.1 & 3.5.3 Pro - Multiple Vulnerabilities
Document Title: =============== SIGE Joomla 3.4.1 & 3.5.3 Pro - Multiple Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2265 Release Date: ============= 2020-11-11 Vulnerability Laboratory ID VL-ID: ====================================...
LANCOM WLAN Controller - (Login) XSS Proof of Concept
Document Title: =============== LANCOM WLAN Controller - Login XSS Proof of Concept References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2255 Video: https://www.youtube.com/watch?v=55jpvxtBsUE Advisory: https://www.vulnerability-lab.com/getcontent.php?id=2196 Release Date:...
Sky File v2.1.0 iOS - Multiple Web Vulnerabilities
Document Title: =============== Sky File v2.1.0 iOS - Multiple Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2207 Release Date: ============= 2020-04-20 Vulnerability Laboratory ID VL-ID: ==================================== 2207...
Facebook - Instagram Business Access Token Demo PoC
Document Title: =============== Facebook - Instagram Business Access Token Demo PoC References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2153 View: https://www.youtube.com/watch?v=4Obsd1Qw7uU News & Press:...
Barracuda ADC 5.x - Multiple Persistent Vulnerabilities
Document Title: =============== Barracuda ADC 5.x - Multiple Persistent Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1424 Release Date: ============= 2018-07-11 Vulnerability Laboratory ID VL-ID: ==================================== 14...
Barracuda ADC 5.x - Filter Bypass & Persistent Vulnerability
Document Title: =============== Barracuda ADC 5.x - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1423 Release Date: ============= 2018-07-08 Vulnerability Laboratory ID VL-ID: ==================================...
Ebay Inc - CSRF Exploitation PoC of User Data Delete
Document Title: =============== Ebay Inc - CSRF Exploitation PoC of User Data Delete References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2053 Video: https://www.youtube.com/watch?v=KUenuqImsBs Release Date: ============= 2018-07-05 Vulnerability Laboratory ID VL-ID:...
Salesforce RegistrationForm - Persistent Web Vulnerability
Document Title: =============== Salesforce RegistrationForm - Persistent Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2054 Salesforce Security ID: 219513 Release Date: ============= 2018-06-21 Vulnerability Laboratory ID VL-ID:...
Magento Products T1 - Bypass & Persistent Vulnerability
Document Title: =============== Magento Products T1 - Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1919 Release Date: ============= 2018-06-19 Vulnerability Laboratory ID VL-ID: ==================================== 19...
Acadmic Microsoft - (API) Filter Cross Site Vulnerability
Document Title: =============== Acadmic Microsoft - API Filter Cross Site Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2056 MSRC ID: 0001010174 Release Date: ============= 2018-01-20 Vulnerability Laboratory ID VL-ID:...