145 matches found
CVE-2023-46815
An issue was discovered in SugarCRM 12 before 12.0.4 and 13 before 13.0.2. An Unrestricted File Upload vulnerability has been identified in the Notes module. By using a crafted request, custom PHP code can be injected via the Notes module because of missing input validation. An attacker with...
CVE-2023-46816
An issue was discovered in SugarCRM 12 before 12.0.4 and 13 before 13.0.2. A Server Site Template Injection SSTI vulnerability has been identified in the GecControl action. By using a crafted request, custom PHP code can be injected via the GetControl action because of missing input validation. A...
PT-2023-30232 · Sugarcrm · Sugarcrm
Name of the Vulnerable Software and Affected Versions: SugarCRM versions prior to 12.0.4 SugarCRM versions prior to 13.0.2 Description: A Server Site Template Injection SSTI issue has been identified in the GecControl action, allowing custom PHP code injection via the GetControl action due to...
CVE-2023-4997
Improper authorisation of regular users in ProIntegra Uptime DC software versions below 2.0.0.33940 allows them to change passwords of all other users including administrators leading to a privilege escalation...
CVE-2023-4918
A flaw was found in the Keycloak package, more specifically org.keycloak.userprofile. When a user registers itself through registration flow, the "password" and "password-confirm" field from the form will occur as regular user attributes. All users and clients with proper rights and roles are abl...
CVE-2023-38033
ASUS RT-AC86U unused Traffic Analyzer legacy Statistic function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services...
CVE-2023-39237
ASUS RT-AC86U Traffic Analyzer - Apps analysis function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services...
CVE-2023-39236
ASUS RT-AC86U Traffic Analyzer - Statistic function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services...
PT-2023-7492 · Asus · Asus Rt-Ac86U
Name of the Vulnerable Software and Affected Versions: ASUS RT-AC86U affected versions not specified Description: The issue is related to the insufficient filtering of special characters in the Traffic Analyzer legacy Statistic function of the ASUS RT-AC86U router. A remote attacker with regular...
LimeSurvey 5.6.34-230816 has a storage based XSS vulnerability caused by importManifest
Description A regular user with "theme" privileges who maliciously sets the "templatename" during the importManifest process can lead to a stored Cross-Site Scripting XSS vulnerability. Proof of Concept The first step is to create a user with only 'theme' permission. Log in to this user and make ...
Cross site scripting
A stored cross-site scripting XSS issue was discovered within the Custom User Icons functionality of ASUS RT-AX88U running firmware versions 3.0.0.4.388.23110 and prior. After a remote attacker logging in device with regular user privilege, the remote attacker can perform a Stored Cross-site...
Insecure Business Logic - Client Side Enforcement Bypass on User Account Deletion
Description The application enforces account deletion on the client-side with a popup that states the admin account cannot be deleted. Additionally, regular users do not have an option in the interface to delete their own account. An administrative and regular-privileged user are able to bypass...
SUSE CVE-2018-12561
An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. A regular user can inject additional mount options such as filemode= by manipulating for example the domain parameter of the samba URL...
CVE-2022-34682
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a null-pointer dereference, which may lead to denial of service...
CVE-2022-34672
NVIDIA Control Panel for Windows contains a vulnerability where an unauthorized user or an unprivileged regular user can compromise the security of the software by gaining privileges, reading sensitive information, or executing commands...
CVE-2022-41814 Potential XSS in history view
Cross-site Scripting XSS vulnerability in BlueSpiceFoundation extension of BlueSpice allows user with regular account and edit permissions to inject arbitrary HTML into the history view of a wikipage...
PT-2022-26206 · Unknown +1 · Bluespicebookshelf +1
Name of the Vulnerable Software and Affected Versions: BlueSpice affected versions not specified Description: The issue allows a user with a regular account and edit permissions to inject arbitrary HTML into the book navigation, which is a result of a Cross-site Scripting XSS vulnerability in the...
PT-2022-24980 · Bluespice · Bluespice
Name of the Vulnerable Software and Affected Versions: BlueSpice affected versions not specified Description: The issue allows a user with a regular account and edit permissions to inject arbitrary HTML into the personal menu navigation of their own and other users, enabling targeted attacks...
[SECURITY] Fedora 36 Update: podman-4.0.3-1.fc36
podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...
mailman: CSRF token bypass allows to perform CSRF attacks and admin takeover
A Cross-Site Request Forgery CSRF attack can be performed in mailman due to a CSRF token bypass. CSRF tokens are not checked against the right type of user when performing admin operations and a token created by a regular user can be used by an admin to perform an admin-level request, effectively...