1850 matches found
TextPattern CMS 4.8.7 Remote Command Execution
Exploit Title: TextPattern CMS 4.8.7 - Remote Command Execution (Authenticated); Date: 2021/09/06; Exploit Author: Mert Daş; Software Link: https://textpattern.com/filedownload/113/textpattern-4.8.7.zip; Software web: https://textpattern.com/; Tested on: Server: Xampp First ...
OESA-2021-1217 xorg-x11-server security update
X.Org X11 X server Security Fixes: A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...
SUSE: Security Advisory (SUSE-SU-2017:2907-1)
The remote host is missing an update for the... (SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only)
Securing REST with free API Firewall How-to guide
In our modern world, web applications are becoming ever more important. Bad actors know this and they target them more frequently than ever before. This is not likely to stop any time soon as the number of web applications the world needs will only go up with its reliance on technology. To fully...
XDcms Has Arbitrary File Deletion Vulnerability
XDcms is a general purpose content management system. XDcms has an arbitrary file deletion vulnerability that can be exploited by an attacker to delete any file on the server...
PYSEC-2021-95
The aaugustin websockets library before 9.1 for Python has an Observable Timing Discrepancy on servers when HTTP Basic Authentication is enabled with `basic_auth_protocol_factory(credentials=...)`. An attacker may be able to guess a password via a timing attack...
CVE-2021-33840
The CVE-2021-33840 issue affects Luca app up to v1.1.14, where Phone Number data is stored without a digital signature. This enables remote attackers to insert many fake COVID-19 records, causing a denial of service. Public documents confirm the vulnerability, its impact (DoS from mass fake recor...
Thecus N4800Eco Nas Server Control Panel - Command Injection Exploit
Exploit Title: Thecus N4800Eco Nas Server Control Panel - Command Injection; Exploit Author: Metin Yunus Kandemir; Vendor Homepage: http://www.thecus.com/; Software Link: http://www.thecus.com/product.php?PRODID=83; Version: N4800Eco; Description:...
CVE-2021-32646 Escalation of permissions in roomer
Roomer is a Discord bot cog extension which provides automatic voice channel generation as well as private voice and text channels. A vulnerability has been discovered allowing Discord users to get the manage channel permissions in a private VC they have joined. This allowed them to make changes ...
CVE-2021-30194
CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read...
SP Project & Document Manager < 4.22 - Authenticated Shell Upload
The plugin allows users to upload files, however, the plugin attempts to prevent php and other similar files that could be executed on the server from being uploaded by checking the file extension. It was discovered that php files could still be uploaded by changing the file extension's case, for...
Open-Xchange: Command Injection via STARTTLS in SMTP
During our research into the security of email servers at Münster University of Applied Sciences, we found a command injection vulnerability related to STARTTLS in Dovecot. See the attached advisory for details. The vulnerability allows a MITM attacker between a mail client and Dovecot to inject...
U.S. Dept Of Defense: Default Admin Username and Password on █████ Server at █████████mil
Description: A ██████ Server is running at https://███mil you can access the login at https://████mil/█████████ the application is using the default "Administrator for the default organization" credentials POC Go to https://███mil/████████ and login with █████ ██████████ ████ ████ How to remediat...
SQL Injection Vulnerability in CloudLock Server-Side Windows Version
CloudLock is a free server security management software based on operating system kernel hardening technology, which supports cross-platform real-time, batch and remote security management of windows/linux servers. SQL injection vulnerability exists in the Windows version of CloudLock server...
GHSA-GRV5-W5VR-8H98 Path Traversal in droppy
This affects all versions of package droppy. It is possible to traverse directories to fetch configuration files from a droppy server...
Cross-site Scripting (XSS) - Reflected in coppermine-gallery/cpg1.6.x
✍️ Description: Coppermine is vulnerable to XSS attacks on /plugins/uploadh5a/help.php because it doesn't sanitize user-supplied parameters, as shown below. Vulnerable variable: t. Method: GET. The $styles variable is constructed using the user-supplied data, and then is echoed in the response. $styles =...
SQL Injection Vulnerability in File Server Configuration Management System of UFIDA Network Technology Co.
Founded in 1988, UFIDA is a global provider of advanced cloud services, software, and financial services for enterprises and public organizations. A SQL injection vulnerability exists in the File Server Configuration Management System of UFIDA Network Technology Co., Ltd. that can be exploited by...
File upload vulnerability at hybbs 2.3.2 template
hybbs is a PHP web program that supports plugin extensions and template extensions. A file upload vulnerability exists in the hybbs 2.3.2 template, which can be exploited by an attacker to gain control of the web server...
SUSE: Security Advisory (SUSE-SU-2017:1705-1)
The remote host is missing an update for the...
CVE-2021-29430
CVE-2021-29430 affects Sydent, the Matrix identity server. The issue allows memory exhaustion/DoS because HTTP requests can have unbounded body sizes and responses from remote homeservers can be very large. The vulnerability impacts servers handling untrusted registration requests. Patched releas...