2272 matches found

CNVD
added 2021/07/08 12:0 a.m. | 23 views

Dream CMS suffers from SQL injection vulnerability (CNVD-2021-51284)

Dream CMS lmxcms is developed using php language and mysql database, and adopts the mainstream MVC design model. Dream CMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...

AI score: 7.8
Exploits: 0
RedHat Linux
added 2021/06/29 4:10 p.m. | 0 views

ruby: NUL injection vulnerability of File.fnmatch and File.fnmatch?

A flaw was discovered in Ruby in the way certain functions handled strings containing NULL bytes. Specifically, the built-in methods File.fnmatch and its alias File.fnmatch? did not properly handle path patterns containing the NULL byte. A remote attacker could exploit this flaw to make a Ruby...

CVSS: 6.5 | AI score: 7.4 | EPSS: 0.00321
Exploits: 0 | References: 5
Code423n4
added 2021/06/23 12:0 a.m. | 12 views

Initialization functions can be front-run with malicious values

Handle 0xRajeev Vulnerability details Impact Most contracts have public visibility initialization functions that can be front-run, allowing an attacker to incorrectly initialize the contracts. Due to the use of the delegatecall proxy pattern, PrizePool/YieldSourcePrizePool/StakePrizePool,...

AI score: 6.8
Exploits: 0
Tenable Nessus
added 2021/06/18 12:0 a.m. | 14 views

Rails Mass Assignment

Ruby on Rails is a popular framework used to build web applications based on the Model-View-Controller (MVC) architectural pattern. A mass assignment vulnerability occurs when an application automatically performs the mapping between request parameters and model attributes. This vulnerability c...

AI score: 7.2
Exploits: 0 | References: 3
Packet Storm
added 2021/06/16 12:0 a.m. | 193 views

Cotonti Siena 0.9.19 Cross Site Scripting

Exploit Title: Cotonti Siena 0.9.19 - 'maintitle' Stored Cross-Site Scripting Date: 2021-15-06 Exploit Author: Fatih İLGİN Vendor Homepage: cotonti.com Vulnerable Software: https://www.cotonti.com/download/siena0919 Affected Version: 0.9.19 Tested on: Windows 10 Vulnerable Parameter Type: POST...

AI score: 0.1
Exploits: 0
Ivan 'd0znpp' Novikov
added 2021/06/04 5:50 a.m. | 234 views

API Securing in 2021 — Top 10 Best Practices

API Securing in 2021📋 — Top 10 Best Practices I love drawing inspiration from real life and today's article is no different. I often get asked the question on how to hack an API but what some people don’t realise is that almost everything is connected to an API these days, even the smart fridges i...

AI score: 8.2
Exploits: 0
RedHat Linux
added 2021/05/26 7:41 a.m. | 0 views

ruby: NUL injection vulnerability of File.fnmatch and File.fnmatch?

A flaw was discovered in Ruby in the way certain functions handled strings containing NULL bytes. Specifically, the built-in methods File.fnmatch and its alias File.fnmatch? did not properly handle path patterns containing the NULL byte. A remote attacker could exploit this flaw to make a Ruby...

CVSS: 6.5 | AI score: 7.4 | EPSS: 0.00321
Exploits: 0 | References: 5
CNVD
added 2021/05/26 12:0 a.m. | 15 views

Acronis True Image Denial of Service Vulnerability

Acronis True Image is a well-known data backup and restore software from Singapore-based Acronis. Acronis True Image 2020 version 24.5.22510 contains a denial of service vulnerability that stems from the program's logs being generated in a predictable pattern, allowing a non-privileged user to...

CVSS: 5.5 | AI score: 2.9 | EPSS: 0.00037
Exploits: 1 | References: 1
Prion
added 2021/05/25 12:15 p.m. | 12 views

Design/Logic Flaw

An issue was discovered in Acronis True Image 2020 24.5.22510. antiransomwareservice.exe keeps a log in a folder where unprivileged users have write permissions. The logs are generated in a predictable pattern, allowing an unprivileged user to create a hardlink from a not yet created log file to...

CVSS: 2.1 | AI score: 5.4 | EPSS: 0.00037
Exploits: 1 | References: 3 | Affected Software: 1
RedHat Linux
added 2021/05/18 3:4 p.m. | 2 views

libyang: heap-based buffer over-read in function lys_type_free() due to malformed pattern

A heap-based buffer over-read flaw occurs in libyang in function lys_type_free() due to a malformed pattern statement value. Applications that use libyang to process untrusted input yang files may be vulnerable to this flaw, possibly causing a crash or information leaks...

CVSS: 6.5 | AI score: 6.7 | EPSS: 0.00196
Exploits: 1 | References: 4
0day.today
added 2021/05/17 12:0 a.m. | 159 views

Advanced Guestbook 2.4.4 - (Smilies) Persistent Cross-Site Scripting Vulnerability

Exploit Title: Advanced Guestbook 2.4.4 - 'Smilies' Persistent Cross-Site Scripting XSS Exploit Author: Abdulkadir AYDOGAN Vendor Homepage: https://www.ampps.com/apps/guestbooks/AdvancedGuestbook Software Link: https://www.ampps.com/apps/guestbooks/AdvancedGuestbook Version: 2.4.4 Advanced...

AI score: 0.1
Exploits: 0
Cvelist
added 2021/05/11 3:5 p.m. | 18 views

CVE-2021-29471 Denial of service in Matrix Synapse

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.33.2 "Push rules" can specify conditions under which they will match, including event_match, which matches event...

CVSS: 3.7 | AI score: 5.8 | EPSS: 0.00337
Exploits: 0 | References: 4
AlpineLinux
added 2021/05/11 3:5 p.m. | 44 views

CVE-2021-29471

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.33.2 "Push rules" can specify conditions under which they will match, including event_match, which matches event...

CVSS: 5.3 | AI score: 5 | EPSS: 0.00337
Exploits: 0
FreeBSD
added 2021/05/11 12:0 a.m. | 25 views

py-matrix-synapse -- malicious push rules may be used for a denial of service attack.

Matrix developers report: "Push rules" can specify conditions under which they will match, including event_match, which matches event content against a pattern including wildcards. Certain patterns can cause very poor performance in the matching engine, leading to a denial-of-service when processi...

CVSS: 5.3 | AI score: 3.3 | EPSS: 0.00337
Exploits: 0 | References: 1
Github Security Blog
added 2021/05/06 5:27 p.m. | 34 views

Validation bypass in jpv

jpv aka Json Pattern Validator before 2.2.2 does not properly validate input, as demonstrated by a corrupted array...

CVSS: 9.8 | AI score: 8.9 | EPSS: 0.00633
Exploits: 1 | References: 6 | Affected Software: 1
OSV
added 2021/05/06 5:27 p.m. | 14 views

GHSA-VH6R-G38F-Q3W8 Validation bypass in jpv

jpv aka Json Pattern Validator before 2.2.2 does not properly validate input, as demonstrated by a corrupted array...

CVSS: 9.8 | AI score: 9.4 | EPSS: 0.00633
Exploits: 1 | References: 5
Snyk
added 2021/05/05 7:4 a.m. | 1 views

Command Injection

Overview: Affected versions of this package are vulnerable to Command Injection. It used to call Kernel#open to open a local file. If a Ruby project has a file whose name starts with | and ends with tags, the command following the pipe character is executed. A malicious Ruby project could exploit it...

CVSS: 8.1 | AI score: 7 | EPSS: 0.00351
Exploits: 0 | References: 2
OSV
added 2021/04/28 6:15 a.m. | 16 views

CVE-2021-31856

A SQL Injection vulnerability in the REST API in Layer5 Meshery 0.5.2 allows an attacker to execute arbitrary SQL commands via the /experimental/patternfiles endpoint order parameter in GetMesheryPatterns in models/mesherypatternpersister.go...

CVSS: 9.8 | AI score: 8.6
Exploits: 0 | References: 2
Veracode
added 2021/04/27 4:38 a.m. | 20 views

Regular Expression Denial Of Service (ReDoS)

postcss is vulnerable to regular expression denial of service. The vulnerability exists due to the insecure usage of regex sub-pattern /\\s sourceMappingURL=. via getAnnotationURL and loadAnnotation in lib/previous-map.js...

CVSS: 7.5 | AI score: 3.7 | EPSS: 0.00074
Exploits: 1 | References: 1 | Affected Software: 2
Code423n4
added 2021/04/27 12:0 a.m. | 12 views

Vader functions can be called before initialization in init() of Vader.sol

Handle 0xRajeev Vulnerability details Impact All the external/public functions of Vader.sol can be called by other contracts even before Vader.sol contract is initialized. This can lead to exceptions, state corruption or incorrect accounting in other contracts, which may require redeployment of...

AI score: 7
Exploits: 0