Employee Performance Evaluation System v1.0 - File Inclusion and RCE

Exploit Title: Employee Performance Evaluation System v1.0 - File Inclusion and RCE Exploit Author: nu11secur1ty Date: 03.17.2023 Vendor: https://www.sourcecodester.com/user/257130/activity Software:...

GHSA-VF7Q-G2PV-JXVX Pimcore vulnerable to improper quoting of filters in Custom Reports

Impact Since a user with 'report' permission can already write arbitrary SQL queries and given the fact that this endpoint is using the GET method no CSRF protection, an attacker can inject an arbitrary query by manipulating a user to click on a link. The impact of this path traversal and arbitra...

PT-2023-21721 · Pimcore · Pimcore

Name of the Vulnerable Software and Affected Versions: Pimcore versions prior to 10.5.19 Description: Pimcore is an open source data and experience management platform. Since a user with 'report' permission can already write arbitrary SQL queries and given the fact that an endpoint is using the G...

SUSE-SU-2023:0746-1 Security update for perl-Net-Server

This update for perl-Net-Server fixes the following issues: - CVE-2013-1841: Fixed insufficient hostname access checking bsc808830...

CVE-2023-27577

Summary : CVE-2023-27577 affects flarum prior to 1.7.0. A compromised admin account can exploit a flaw in the LESS parser to perform path traversal and read sensitive server files (e.g., /etc/passwd) by supplying an absolute path in the custom LESS setting. The vulnerability’s impact depends on t...

File Upload Bypass Leads to Remote Code Execution (RCE)

Description There is no extension checks during file upload. Attacker may upload file to execute malicious code in the server. Proof of Concept Step 1: Create a file with the content below and save it as evil.php " Step 2: Login to the Cockpit web server Step 3: Go to assets Step 4: Upload Assets...

DEBIAN-CVE-2022-41725

A denial of service is possible from excessive resource consumption in net/http and mime/multipart. Multipart form parsing with mime/multipart.Reader.ReadForm can consume largely unlimited amounts of memory and disk files. This also affects form parsing in the net/http package with the Request...

K53756439: MySQL vulnerabilities CVE-2018-2767, CVE-2018-3063, CVE-2017-3653, and CVE-2018-3066

Security Advisory Description CVE-2018-2767 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Encryption. Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows low...

K50148721: MySQL vulnerabilities CVE-2018-3282, CVE-2018-3283, CVE-2018-3284, CVE-2018-3285, and CVE-2018-3286

Security Advisory Description CVE-2018-3282 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Storage Engines. Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allow...

K54470776: MySQL vulnerabilities CVE-2019-2585, CVE-2019-2587, CVE-2019-2589, CVE-2019-2592, and CVE-2019-2593

Security Advisory Description CVE-2019-2585 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

SUSE CVE-2015-4769

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Firewall, a different vulnerability than CVE-2015-4767...

SUSE CVE-2020-15104

In Envoy before versions 1.12.6, 1.13.4, 1.14.4, and 1.15.0 when validating TLS certificates, Envoy would incorrectly allow a wildcard DNS Subject Alternative Name apply to multiple subdomains. For example, with a SAN of .example.com, Envoy would incorrectly allow nested.subdomain.example.com, wh...

CVE-2023-25159 Nextcloud Server previews are accessible without a watermark

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Office is a document collaboration app for the same platform. Nextcloud Server 24.0.x prior to 24.0.8 and 25.0.x prior to 25.0.1, Nextcloud Enterprise Server 24.0.x prior to 24.0.8 and...

CVE-2023-0587

A file upload vulnerability in exists in Trend Micro Apex One server build 11110. Using a malformed Content-Length header in an HTTP PUT message sent to URL /officescan/console/html/cgi/fcgiOfcDDA.exe, an unauthenticated remote attacker can upload arbitrary files to the SampleSubmission directory...

Path traversal

OrangeScrum version 2.0.11 allows an authenticated external attacker to delete arbitrary local files from the server. This is possible because the application uses an unsanitized attacker-controlled parameter to construct an internal path...

mina-sshd: Java unsafe deserialization vulnerability

A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server...

GHSA-5VPV-XMCJ-9Q85 Fix for arbitrary file deletion in customer media allows for remote code execution

Impact Magento admin users with access to the customer media could execute code on the server...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : MySQL vulnerabilities (USN-5823-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5823-1 advisory. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL...

Oracle MySQL Server <= 5.7.40 Security Update (cpujan2023) - Windows

Oracle MySQL Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2023-21879

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...