524584 matches found
CraftCMS SEOmatic - Server-Side Template Injection
In the SEOmatic plugin up to 3.4.11 for Craft CMS 3, it is possible for unauthenticated attackers to perform a Server-Side. Template Injection, allowing for remote code execution. id: CVE-2021-41749 info: name: CraftCMS SEOmatic - Server-Side Template Injection author: iamnoooob,ritikchaddha...
Telesquare TLR-2855KS6 - Arbitrary File Creation
An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow creation of CGI scripts. id: CVE-2021-46418 info: name: Telesquare TLR-2855KS6 - Arbitrary File Creation author: DhiyaneshDK severity: high description: | An unauthorized file creation vulnerability in...
Express-handlebars - Local File Inclusion
Express-handlebars is susceptible to local file inclusion because it mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potential...
Prometheus - Open Redirect
Prometheus 2.23.0 through 2.26.0 and 2.27.0 contains an open redirect vulnerability. To ensure a seamless transition to 2.27.0, the default UI was changed to the new UI with a URL prefixed by /new redirect to /. Due to a bug in the code, an attacker can redirect a user to a malicious site and...
Apache ShenYu Admin JWT - Authentication Bypass
Apache ShenYu 2.3.0 and 2.4.0 allow Admin access without proper authentication. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication. id: CVE-2021-37580 info: name: Apache ShenYu Admin JWT - Authentication Bypass author: pdteam severity: critical descriptio...
Controlled Admin Access WordPress Plugin <= 1.4.0 - Improper Access Control & Privilege Escalation
An Improper Access Control vulnerability was discovered in the plugin. Uncontrolled access to the website customization functionality and global CMS settings, like /wp-admin/customization.php and /wp-admin/options.php, can lead to a complete compromise of the target resource. id: CVE-2021-24215...
Pascom CPS Server-Side Request Forgery
Pascom versions before 7.20 packaged with Cloud Phone System contain a known server-side request forgery vulnerability. id: CVE-2021-45967 info: name: Pascom CPS Server-Side Request Forgery author: dwisiswant0 severity: critical description: Pascom versions before 7.20 packaged with Cloud Phone...
phpfastcache - phpinfo Resource Exposure
phpinfo is susceptible to resource exposure in unprotected composer vendor folders via phpfastcache/phpfastcache. id: CVE-2021-37704 info: name: phpfastcache - phpinfo Resource Exposure author: whoever severity: medium description: phpinfo is susceptible to resource exposure in unprotected compos...
SonicWall SonicOS 7.0 - Open Redirect
SonicWall SonicOS 7.0 contains an open redirect vulnerability. The values of the Host headers are implicitly set as trusted. An attacker can spoof a particular host header, allowing the attacker to render arbitrary links, obtain sensitive information, modify data, execute unauthorized operations...
Galera WebTemplate 1.0 Directory Traversal
Galera WebTemplate 1.0 is affected by a directory traversal vulnerability that could reveal information from /etc/passwd and /etc/shadow. id: CVE-2021-40960 info: name: Galera WebTemplate 1.0 Directory Traversal author: daffainfo severity: critical description: Galera WebTemplate 1.0 is affected ...
Acexy Wireless-N WiFi Repeater REV 1.0 - Repeater Password Disclosure
Acexy Wireless-N WiFi Repeater REV 1.0 is vulnerable to password disclosure because the password.html page of the web management interface contains the administrator account password in plaintext. id: CVE-2021-28937 info: name: Acexy Wireless-N WiFi Repeater REV 1.0 - Repeater Password Disclosure...
Apache OFBiz <17.12.07 - Arbitrary Code Execution
Apache OFBiz before 17.12.07 is susceptible to arbitrary code execution via unsafe deserialization. An attacker can modify deserialized data or code without using provided accessor functions. id: CVE-2021-30128 info: name: Apache OFBiz 17.12.07 - Arbitrary Code Execution author: For3stCo1d...
Knowage Suite 7.3 - Cross-Site Scripting
Knowage Suite 7.3 contains an unauthenticated reflected cross-site scripting vulnerability. An attacker can inject arbitrary web script in '/servlet/AdapterHTTP' via the 'targetService' parameter. id: CVE-2021-30213 info: name: Knowage Suite 7.3 - Cross-Site Scripting author: alph4byt3 severity:...
Hongdian H8922 3.0.5 - Remote Command Injection
Hongdian H8922 3.0.5 devices are susceptible to remote command injection via shell metacharacters into the ip-address a/k/a Destination field to the tools.cgi ping command, which is accessible with the username guest and password guest. An attacker can execute malware, obtain sensitive informatio...
WordPress Supsystic Ultimate Maps <1.2.5 - Cross-Site Scripting
WordPress Supsystic Ultimate Maps plugin before 1.2.5 contains an unauthenticated reflected cross-site scripting vulnerability due to improper sanitization of the tab parameter on the options page before outputting it in an attribute. id: CVE-2021-24274 info: name: WordPress Supsystic Ultimate Ma...
IRTS OP5 Monitor - Cross-Site Scripting
OP5 Monitor 8.3.1, 8.3.2, and OP5 8.3.3 are vulnerable to Cross Site Scripting XSS. id: CVE-2021-40272 info: name: IRTS OP5 Monitor - Cross-Site Scripting author: ritikchaddha severity: medium description: | OP5 Monitor 8.3.1, 8.3.2, and OP5 8.3.3 are vulnerable to Cross Site Scripting XSS. impac...
Hue Magic 3.0.0 - Local File Inclusion
Hue Magic 3.0.0 is susceptible to local file inclusion via the res.sendFile API. id: CVE-2021-25864 info: name: Hue Magic 3.0.0 - Local File Inclusion author: 0xAkoko severity: high description: Hue Magic 3.0.0 is susceptible to local file inclusion via the res.sendFile API. impact: | The LFI...
GenieACS => 1.2.8 - OS Command Injection
In GenieACS 1.2.x before 1.2.8, the UI interface API is vulnerable to unauthenticated OS command injection via the ping host argument lib/ui/api.ts and lib/ping.ts. The vulnerability arises from insufficient input validation combined with a missing authorization check. id: CVE-2021-46704 info:...
Vehicle Service Management System 1.0 - Cross Site Scripting
Vehicle Service Management System 1.0 contains a cross-site scripting vulnerability via the User List section in login panel. id: CVE-2021-46073 info: name: Vehicle Service Management System 1.0 - Cross Site Scripting author: TenBird severity: medium description: | Vehicle Service Management Syst...
MinIO Operator Console Authentication Bypass
MinIO Console is a graphical user interface for the for MinIO Operator. MinIO itself is a multi-cloud object storage project. Affected versions are subject to an authentication bypass issue in the Operator Console when an external IDP is enabled. id: CVE-2021-41266 info: name: MinIO Operator...