
11233 matches found

Vulnrichment
added 2023/11/09 7:38 p.m. | 21 views

CVE-2023-5550 Moodle: rce due to lfi risk in some misconfigured shared hosting environments

In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution...

CVSS 6.5 | AI score 7.5 | EPSS 0.0137
Exploits 0 | References 3
Prion
added 2023/11/09 12:15 a.m. | 17 views

Sql injection

An issue was discovered in Spiceworks Help Desk Server before 1.3.3. A Blind Boolean SQL injection vulnerability within the orderbyforticket function in app/models/reporting/databasequery.rb allows an authenticated attacker to execute arbitrary SQL commands via the sort parameter. This can be...

CVSS 6.5 | AI score 9.3 | EPSS 0.02023
Exploits 2 | References 3 | Affected Software 1
Tenable Nessus
added 2023/11/09 12:00 a.m. | 7 views

NewStart CGSL MAIN 6.06 : sysstat Vulnerability (NS-SA-2023-0138)

The remote NewStart CGSL host, running version MAIN 6.06, has sysstat packages installed that are affected by a vulnerability: - sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocatestructures...

AI score 7.8 | EPSS 0.01096
Exploits 1 | References 3
Metasploit
added 2023/11/08 7:50 p.m. | 1041 views

Cisco IOX XE Unauthenticated RCE Chain

This module leverages both CVE-2023-20198 and CVE-2023-20273 against vulnerable instances of Cisco IOS XE devices which have the Web UI exposed. An attacker can execute a payload with root privileges. The vulnerable IOS XE versions are: 16.1.1, 16.1.2, 16.1.3, 16.2.1, 16.2.2, 16.3.1, 16.3.2,...

CVSS 10 | AI score 8.2 | EPSS 0.99571
Exploits 27
CVE
added 2023/11/08 12:00 a.m. | 65 views

CVE-2021-43609

CVE-2021-43609 affects Spiceworks Help Desk Server prior to 1.3.3. A blind boolean SQL injection in the sort parameter via the order_by_for_ticket function (app/models/reporting/database_query.rb) allows an authenticated attacker to execute arbitrary SQL commands, enabling leakage of local files ...

CVSS 9.9 | AI score 8.9 | EPSS 0.02023
Exploits 2 | References 3 | Affected Software 1
NVD
added 2023/11/07 7:15 p.m. | 23 views

CVE-2023-46253

Squidex is an open source headless CMS and content management hub. Affected versions are subject to an arbitrary file write vulnerability in the backup restore feature which allows an authenticated attacker to gain remote code execution RCE. Squidex allows users with the squidex.admin.restore...

CVSS 9.1 | EPSS 0.01538
Exploits 1 | References 1
Vulnrichment
added 2023/11/07 6:56 p.m. | 15 views

CVE-2023-46253 Remote code execution in Squidex

Squidex is an open source headless CMS and content management hub. Affected versions are subject to an arbitrary file write vulnerability in the backup restore feature which allows an authenticated attacker to gain remote code execution RCE. Squidex allows users with the squidex.admin.restore...

CVSS 9.1 | AI score 8.1 | EPSS 0.01538
Exploits 1 | References 1
Cvelist
added 2023/11/07 6:56 p.m. | 25 views

CVE-2023-46253 Remote code execution in Squidex

Squidex is an open source headless CMS and content management hub. Affected versions are subject to an arbitrary file write vulnerability in the backup restore feature which allows an authenticated attacker to gain remote code execution RCE. Squidex allows users with the squidex.admin.restore...

CVSS 9.1 | AI score 9.8 | EPSS 0.01538
Exploits 1 | References 1
Patchstack
added 2023/11/07 12:00 a.m. | 12 views

WordPress Rename Media Files Plugin <= 1.0.1 is vulnerable to Remote Code Execution (RCE)

Software: Rename Media Files | Type: Plugin | Vulnerable versions: <= 1.0.1 | Fixed in: N/A | OWASP Top 10: A1: Injection | Classification: Remote Code Execution (RCE) | CVE: CVE-2023-32095 | Patch priority: Medium | CVSS severity: Medium 9.9 | Developer: (Claim ownership) | PSID: c2971a04bd19 | Credits: Taihei Shimamine | Required...

CVSS 9.9 | AI score 7.2 | EPSS 0.00655
Exploits 0 | References 1 | Affected Software 1
Tenable Nessus
added 2023/11/07 12:00 a.m. | 33 views

Rocky Linux 8 : php:7.4 (RLSA-2022:6158)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:6158 advisory. - In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the...

CVSS 8.1 | AI score 8 | EPSS 0.03437
Exploits 1 | References 3
Tenable Nessus
added 2023/11/07 12:00 a.m. | 40 views

Fedora 39 : moodle (2023-6bd1586dc5)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-6bd1586dc5 advisory. Latest updates Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

CVSS 9.8 | AI score 6.1 | EPSS 0.0193
Exploits 0 | References 14
NVD
added 2023/11/06 9:15 p.m. | 20 views

CVE-2023-5601

The WooCommerce Ninja Forms Product Add-ons WordPress plugin before 1.7.1 does not validate the file to be uploaded, allowing any unauthenticated users to upload arbitrary files to the server, leading to RCE...

CVSS 9.8 | AI score 9.6 | EPSS 0.00877
Exploits 2 | References 1
Prion
added 2023/11/06 9:15 p.m. | 17 views

Default credentials

The WooCommerce Ninja Forms Product Add-ons WordPress plugin before 1.7.1 does not validate the file to be uploaded, allowing any unauthenticated users to upload arbitrary files to the server, leading to RCE...

CVSS 7.5 | AI score 7.3 | EPSS 0.00877
Exploits 2 | References 1 | Affected Software 1
GithubExploit
added 2023/11/06 9:13 p.m. | 801 views

Exploit for SQL Injection in Spiceworks Help_Desk_Server

Spiceworks Sort SQLi There's a SQLi in a sort parameter of...

CVSS 9.9 | AI score 8.8 | EPSS 0.02023
Exploits 2
CVE
added 2023/11/06 8:41 p.m. | 62 views

CVE-2023-5601

CVE-2023-5601 affects the WooCommerce Ninja Forms Product Add-ons plugin for WordPress (versions

CVSS 9.8 | AI score 9.7 | EPSS 0.00877
Exploits 2 | References 1 | Affected Software 1
Cvelist
added 2023/11/06 8:41 p.m. | 31 views

CVE-2023-5601 WooCommerce Ninja Forms Product Add-ons < 1.7.1 - Unauthenticated Arbitrary File Upload

The WooCommerce Ninja Forms Product Add-ons WordPress plugin before 1.7.1 does not validate the file to be uploaded, allowing any unauthenticated users to upload arbitrary files to the server, leading to RCE...

AI score 9.8 | EPSS 0.00877
Exploits 2 | References 1
NVD
added 2023/11/06 6:15 p.m. | 27 views

CVE-2023-45827

Dot diver is a lightweight, powerful, and dependency-free TypeScript utility library that provides types and functions to work with object paths in dot notation. In versions prior to 1.0.2 there is a Prototype Pollution vulnerability in the setByPath function which can lead to remote code...

CVSS 9.8 | AI score 8.1 | EPSS 0.01172
Exploits 1 | References 2
Cvelist
added 2023/11/06 5:25 p.m. | 53 views

CVE-2023-45827 Prototype Pollution vulnerability in @clickbar/dot-diver

Dot diver is a lightweight, powerful, and dependency-free TypeScript utility library that provides types and functions to work with object paths in dot notation. In versions prior to 1.0.2 there is a Prototype Pollution vulnerability in the setByPath function which can lead to remote code...

CVSS 7.3 | AI score 9.9 | EPSS 0.01172
Exploits 1 | References 2
CVE
added 2023/11/06 5:25 p.m. | 114 views

CVE-2023-45827

CVE-2023-45827 affects the Dot diver library (@clickbar/dot-diver). The Red Hat and OSV/GHSA records confirm a Prototype Pollution vulnerability in the setByPath function, enabling potential remote code execution. Details from connected records show the issue occurs in versions prior to 1.0.2 due...

CVSS 9.8 | AI score 8.7 | EPSS 0.01172
Exploits 1 | References 2 | Affected Software 1
Vulnrichment
added 2023/11/06 5:25 p.m. | 9 views

CVE-2023-45827 Prototype Pollution vulnerability in @clickbar/dot-diver

Dot diver is a lightweight, powerful, and dependency-free TypeScript utility library that provides types and functions to work with object paths in dot notation. In versions prior to 1.0.2 there is a Prototype Pollution vulnerability in the setByPath function which can lead to remote code...

CVSS 7.3 | AI score 7.9 | EPSS 0.01172
Exploits 1 | References 2