Unrestricted access to predictable file paths in hov/jobfair

An issue was discovered in the jobfair aka Job Fair extension before 1.0.13 and 2.x before 2.0.2 for TYPO3. The extension fails to protect or obfuscate filenames of uploaded files. This allows unauthenticated users to download files with sensitive data by simply guessing the filename of uploaded...

Authentication flaw

The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location, and does not have any authentication or authorisation in place to prevent unauthenticated users to download and read the logs containing Sensitive Information such as IP Addresses and Usernames...

PT-2021-16200 · WordPress · Simple Download Monitor

Name of the Vulnerable Software and Affected Versions: Simple Download Monitor WordPress plugin versions prior to 3.9.6 Description: The issue allows unauthenticated users to download and read logs containing sensitive information, such as IP addresses and usernames, due to the logs being saved i...

OESA-2021-1419 rubygem-bundler security update

Bundler manages an application's dependencies through its entire life, across many machines, systematically and repeatably. Security Fixes: Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home...

Path Traversal in bookstackapp/bookstack

Description During reading recent BookStack source code 85dc8d I discovered path traversal vulnerability. Authenticated user can have access to all files stored in storage directory. Proof of Concept GET /uploads/images/..%2f/..%2f/logs/laravel.log HTTP/1.1 Host: 172.17.0.1:8888 User-Agent:...

Information Disclosure

sylius/paypalplugin is vulnerable to information disclosure. An attacker is able to predict the URL to the payment done page, after checkout due to the use of autoincremented payment id in page creation.Prefilled credit card form shows customer's first and last name resulting in sensitive...

CVE-2021-41120

sylius/paypal-plugin is a paypal plugin for the Sylius development platform. In affected versions the URL to the payment page done after checkout was created with autoincremented payment id /pay-with-paypal/id and therefore it was easy to predict. The problem is that the Credit card form has...

Design/Logic Flaw

sylius/paypal-plugin is a paypal plugin for the Sylius development platform. In affected versions the URL to the payment page done after checkout was created with autoincremented payment id /pay-with-paypal/id and therefore it was easy to predict. The problem is that the Credit card form has...

PT-2021-23103 · Sylius · Syliud Paypal Plugin

Name of the Vulnerable Software and Affected Versions: Sylius/PayPalPlugin versions prior to 1.2.4 Sylius/PayPalPlugin versions prior to 1.3.1 Description: The URL to the payment page done after checkout was created with an autoincremented payment id /pay-with-paypal/id and therefore it was easy ...

MTN Group: CVE-2021-38314 @ https://www.mtn.co.rw

Summary: Hello. I your domain https://www.mtn.co.rw was vulnerable to CVE-2021-38314 Description: The Gutenberg Template Library & Redux Framework plugin = 4.2.11 for WordPress registered several AJAX actions available to unauthenticated users in the includes function in...

The vulnerability of the “pleaseedit” system administration tool is related to an incorrect definition of the link before accessing the file. This allows attackers to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the “pleaseedit” system administration tool is related to the use of predictable file names. Exploiting this vulnerability can allow attackers to access confidential data, compromise its integrity, and even cause service interruptions...

cyrus-imapd: Denial of service via string hashing algorithm collisions

A flaw was found in cyrus-imapd. A bad string hashing algorithm used in internal hash tables allows user inputs to be stored in predictable buckets. A user may cause a CPU denial of service by maliciously directing many inputs to a single bucket. The highest threat from this vulnerability is to...

CVE-2021-38314

The Gutenberg Template Library & Redux Framework plugin = 4.2.11 for WordPress registered several AJAX actions available to unauthenticated users in the includes function in redux-core/class-redux-core.php that were unique to a given site but deterministic and predictable given that they were bas...

GHSA-HQ3V-RG6F-6HX4 Use of Insufficiently Random Values in yiisoft/yii2-dev

yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator...

Use of Insufficiently Random Values in yiisoft/yii2-dev

yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator...

CVE-2021-33582

A flaw was found in cyrus-imapd. A bad string hashing algorithm used in internal hash tables allows user inputs to be stored in predictable buckets. A user may cause a CPU denial of service by maliciously directing many inputs to a single bucket. The highest threat from this vulnerability is to...

Permissions bypass in pleaser

pleaseedit in pleaser before 0.4.0 uses predictable temporary filenames in /tmp and the target directory. This allows a local attacker to gain full root privileges by staging a symlink attack...

CVE-2021-31228

An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker to predict a DNS query's source port in order to send forged DNS response packets that will be accepted as valid answers to the DNS client's requests without sniffing the specific request. Data is...

CVE-2021-31228

An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker to predict a DNS query's source port in order to send forged DNS response packets that will be accepted as valid answers to the DNS client's requests without sniffing the specific request. Data is...

Information disclosure

An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker to predict a DNS query's source port in order to send forged DNS response packets that will be accepted as valid answers to the DNS client's requests without sniffing the specific request. Data is...