1850 matches found
Pluck 4.7.18 Remote Shell Upload
Title: pluck-4.7.18 - FI + RCE; Author: nu11secur1ty; Date: 07.19.2023; Vendor: https://github.com/pluck-cms/pluck/wiki; Software: https://github.com/pluck-cms/pluck; Reference: https://portswigger.net/daily-swig/rce; Reference: https://portswigger.net/web-security/file-upload; Description: The attacke...
The vulnerability of ESET Server Security, ESET Endpoint Antivirus, and ESET Cyber Security lies in the insecure management of privileges, allowing attackers to elevate their privileges to the root level.
The vulnerability of ESET Server Security, ESET Endpoint Antivirus, ESET Cyber Security, and ESET Endpoint Antivirus lies in the insecure management of privileges. Exploiting this vulnerability can allow attackers to elevate their privileges to the root level...
CVE-2023-22048
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Pluggable Auth. Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successf...
CVE-2022-4023 3DPrint < 3.5.6.9 - CSRF to arbitrary file download
The 3DPrint WordPress plugin before 3.5.6.9 does not protect against CSRF attacks in the modified version of Tiny File Manager included with the plugin, allowing an attacker to craft a malicious request that will create an archive of any files or directories on the target server by tricking a...
Server Side Request Forgery (SSRF)
wp-graphql/wp-graphql is vulnerable to Server Side Request Forgery (SSRF). The vulnerability exists due to executable paths in GraphQL queries like createMediaItem, which allows authenticated users to get unauthorized access to servers, thus jeopardizing server security...
Path traversal
Uptime Kuma, a self-hosted monitoring tool, has a path traversal vulnerability in versions prior to 1.22.1. Uptime Kuma allows authenticated users to install plugins from an official list of plugins. This feature is currently disabled in the web interface, but the corresponding API endpoints are...
Code injection
A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPv6...
Directory traversal
Directory traversal vulnerability in Pleasanter Community Edition and Enterprise Edition 1.3.39.2 and earlier versions allows a remote authenticated attacker to alter an arbitrary file on the server...
CVE-2023-32623
Directory traversal vulnerability in Snow Monkey Forms v5.1.1 and earlier allows a remote unauthenticated attacker to delete arbitrary files on the server...
CVE-2023-1722
Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server. This is possible because the application does not correctly validate the thumbnails of the classes uploaded by the administrators...
CVE-2023-1722 Yoga Class Registration System 1.0 - ATO
Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server. This is possible because the application does not correctly validate the thumbnails of the classes uploaded by the administrators...
CVE-2023-1721
The CVE-2023-1721 entry concerns Yoga Class Registration System v1.0 where an administrator can execute commands on the server due to improper validation of class thumbnails during upload. The related documents repeatedly describe a file-upload vulnerability that, enabled by admin privileges, all...
Vulnerability fixed in ESET Security products
ESET has fixed a vulnerability in the following Security products for Linux and macOS: Server Security for Linux, Endpoint Antivirus for Linux, Cyber Security, Endpoint Antivirus for macOS. A local malicious agent can exploit the vulnerability to grant themselves elevated privileges and execute code...
4D SAS 4D Server Trust Management Issue Vulnerability
4D SAS 4D Server is a rapid development platform for business applications from 4D. A security vulnerability exists in 4D SAS 4D Server Application that stems from the presence of an information disclosure vulnerability...
PT-2023-3448 · Microsoft · Odbc Driver For Sql Server
Name of the Vulnerable Software and Affected Versions: Microsoft ODBC Driver for SQL Server (affected versions not specified). Description: The issue is related to insufficient input validation in the Microsoft ODBC Driver for SQL Server library, which can allow an attacker to execute arbitrary code...
Eset Server Security Security Vulnerability
ESET Eset Server Security is an IT solution from ESET Slovakia. It is used to block peripheral malware as well as suspicious web and FTP traffic. A security vulnerability exists in some ESET products, which stems from improper privilege management. The vulnerability can be exploited by an attacke...
PT-2023-3648 · Eset · Eset Server Security +2
Name of the Vulnerable Software and Affected Versions: ESET Server Security (affected versions not specified), ESET Endpoint Antivirus (affected versions not specified), ESET Cyber Security (affected versions not specified), ESET Endpoint Antivirus (affected versions not specified). Description: A local...
Design/Logic Flaw
The WP Directory Kit plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.1.9 via the 'wdkpublicaction' function. This allows unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those...
Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2023-2150)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scrubs & Beyond Leaks 400GB of User PII and Card Data in Plain Text
By Waqas. Scrubs & Beyond were alerted multiple times about the data leak, but the company did not respond or secure the server. This is a post from HackRead.com.