11233 matches found
Design/Logic Flaw
An issue was discovered in Hyland Alfresco Community Edition through 7.2.0. By inserting malicious content in the folder.get.html.ftl file, an attacker may perform SSTI (Server-Side Template Injection) attacks, which can leverage FreeMarker exposed objects to bypass restrictions and achieve RCE...
CVE-2023-49964
Hyland Alfresco Community Edition (up to v7.2.0) is affected by CVE-2023-49964 due to an SSTI flaw in the folder.get.html.ftl FreeMarker template. An attacker who can insert malicious content into that template may leverage FreeMarker exposed objects to bypass restrictions and achieve Remote Code...
WordPress 6.4.x < 6.4.2 RCE Vulnerability - Linux
WordPress is prone to a remote code execution (RCE) vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Atlassian Releases Security Advisories for Multiple Products
Atlassian has released security updates to address vulnerabilities affecting multiple Atlassian products. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply th...
Kopage Website Builder 4.4.15 Shell Upload
Title: Kopage-Website-Builder-4.4.15-File-Upload-RCE Author: nu11secur1ty Date: 12/08/2023 Vendor: https://www.kopage.com/ Software: https://demo.kopage.com/index.php Reference: https://portswigger.net/web-security/file-upload,...
Atlassian Jira Service Management Assets Discovery < 6.2.0 (JSDSERVER-14925)
The version of the Atlassian Jira Service Management Assets Discovery (formerly Insight Discovery) app running on the remote host is prior to 6.2.0. It is, therefore, affected by a remote code execution vulnerability as referenced in the JSDSERVER-14925 advisory. The vulnerability exists between th...
Qlik Sense Enterprise HTTP Tunneling RCE
The version of Qlik Sense Enterprise installed on the remote Windows host is prior to November 2021 Patch 17, February 2022 prior to Patch 15, May 2022 prior to Patch 16, August 2022 prior to Patch 14, November 2022 prior to Patch 12, February 2023 prior to Patch 10, May 2023 prior to Patch 6 or...
Atlassian Addresses Critical RCE Flaws
Summary: Four critical vulnerabilities, namely CVE-2023-22522, CVE-2023-22523, CVE-2023-22524, and CVE-2022-1471, have been identified impacting the Confluence, Jira, and Bitbucket servers, along with a companion app for macOS. If successfully exploited, these vulnerabilities could lead to remote...
CVE-2023-50164
CVE-2023-50164 is an Apache Struts 2 directory traversal flaw in the file-upload parameter that can enable Remote Code Execution. Public details indicate exploitation attempts in the wild and advisories urging upgrading to Struts 2.5.33 or Struts 6.3.0.2 (or greater) to fix the issue. Affected co...
CVE-2023-48860
TOTOLINK N300RT version 3.2.4-B20180730.0906 has a post-authentication RCE due to incorrect access control, which allows attackers to bypass front-end security restrictions and execute arbitrary code...
Code injection
TOTOLINK N300RT version 3.2.4-B20180730.0906 has a post-authentication RCE due to incorrect access control, which allows attackers to bypass front-end security restrictions and execute arbitrary code...
WP 6.4-6.4.1 - POP Chain
Description WP 6.4 introduced a PHP gadget chain. While the issue is not directly exploitable, it could be used along with a PHP unserialization for example in a plugin or theme installed on the blog to achieve RCE...
ConQuest Dicom Server 1.5.0d Remote Command Execution
!/usr/bin/env python3 --------------------------------------------------------- preauth rce poc for ConQuest Dicom Server 1.5.0d --------------------------------------------------------- 04.08.2023 @ 22:07 code610 blogspot com import socket target = '192.168.56.106' rport = 5678 pkt1 =...
CVE-2023-48860
TOTOLINK N300RT version 3.2.4-B20180730.0906 has a post-authentication RCE due to incorrect access control, which allows attackers to bypass front-end security restrictions and execute arbitrary code...
CVE-2023-48860
CVE-2023-48860 affects TOTOLINK N300RT version 3.2.4-B20180730.0906, with a post-authentication RCE caused by improper access control that lets an attacker bypass front-end security and execute arbitrary code. No explicit exploit details or affected fix/patch versions are provided in the connecte...
CVE-2023-48859
TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control, which allows attackers to bypass front-end security restrictions and execute arbitrary code...
CVE-2023-48859
TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control, which allows attackers to bypass front-end security restrictions and execute arbitrary code...
Code injection
TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control, which allows attackers to bypass front-end security restrictions and execute arbitrary code...
CVE-2023-22522
This Template Injection vulnerability allows an authenticated attacker, including one with anonymous access, to inject unsafe user input into a Confluence page. Using this approach, an attacker is able to achieve Remote Code Execution (RCE) on an affected instance. Publicly accessible Confluence Da...
CVE-2023-22524
CVE-2023-22524 describes a remote code execution in the Atlassian Companion App for macOS. The issue arises from how the app handles certain file types and its WebSocket-based communication, allowing an attacker to bypass the app’s blocklist and macOS Gatekeeper, potentially enabling arbitrary co...