
11 matches found

Tenable Nessus
added 2023/02/21 12:0 a.m. | 29 views

Fedora 36 : clamav (2023-3ba365d538)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3ba365d538 advisory. - Fix daily.cvd file - Split out documentation into separate -doc sub-package - 2128276 Please port your pcre dependency to pcre2 - Explicit...

9.8 CVSS | 8.6 AI score | 0.29314 EPSS
Exploits: 5 | References: 3

Patchstack
added 2022/10/18 12:0 a.m. | 100 views

WordPress core <= 6.0.2 - Cross-Site Request Forgery (CSRF) vulnerability in wp-trackback.php

Cross-Site Request Forgery (CSRF) vulnerability in wp-trackback.php discovered by Simon Scannell in WordPress core versions <= 6.0.2. Solution: Update the WordPress to the latest available version at least 6.0.3...

3.4 AI score
Exploits: 0 | References: 2 | Affected Software: 1

The Hacker News
added 2022/08/10 6:59 a.m. | 191 views

CISA Issues Warning on Active Exploitation of UnRAR Software for Linux Systems

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw in the UnRAR utility to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. Tracked as CVE-2022-30333 (CVSS score: 7.5), the issue concerns a path...

7.8 CVSS | 2.2 AI score | 0.98975 EPSS
Exploits: 13

FreeBSD
added 2022/04/19 12:0 a.m. | 21 views

rainloop -- cross-site-scripting (XSS) vulnerability

Simon Scannell reports: The code vulnerability can be easily exploited by an attacker by sending a malicious email to a victim that uses RainLoop as a mail client. When the email is viewed by the victim, the attacker gains full control over the session of the victim and can steal any of their...

5.4 CVSS | 0.9 AI score | 0.01015 EPSS
Exploits: 1 | References: 2

Patchstack
added 2019/03/13 12:0 a.m. | 41 views

WordPress 3.9-5.1 - Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting (XSS) vulnerability found by Simon Scannell in WordPress versions 3.9-5.1. Solution: Update WordPress to the latest available version at least 5.1.1...

1.7 AI score
Exploits: 0 | References: 2 | Affected Software: 1

Patchstack
added 2019/02/28 12:0 a.m. | 111 views

WordPress 3.7-5.0 (except 4.9.9) - Authenticated Code Execution vulnerability

Authenticated Code Execution vulnerability discovered by Simon Scannell (RIPS Technologies) in WordPress versions 3.7-5.0, except 4.9.9. Solution: Update WordPress to the latest available version at least 5.0.1 or 4.9.9...

8.8 CVSS | 3.9 AI score | 0.91985 EPSS
Exploits: 10 | References: 4 | Affected Software: 1

WPVulnDB
added 2018/12/13 12:0 a.m. | 21 views

WordPress <= 5.0 - Authenticated Post Type Bypass

Description According to WordPress: "Simon Scannell of RIPS Technologies discovered that authors could create posts of unauthorized post types with specially crafted input."...

6.5 CVSS | 7.6 AI score | 0.04214 EPSS
Exploits: 0 | References: 2

The Hacker News
added 2018/11/07 9:1 a.m. | 586 views

Popular WooCommerce WordPress Plugin Patches Critical Vulnerability

If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new vulnerability that could compromise your online store. Simon Scannell, a researcher at RIPS Technologies GmbH, discovered an arbitrary file deletion vulnerability in the popular WooCommerce...

1 AI score
Exploits: 0

WPVulnDB
added 2018/10/11 12:0 a.m. | 11 views

WooCommerce <= 3.4.5 - Authenticated Object Injection

According to WooCommerce: "Versions 3.4.5 and earlier are affected by a handful of issues that allow Shop Managers to exceed their capabilities and perform malicious actions. These issues can be exploited by users with Shop Manager capabilities or greater, and we recommend all users running...

1.1 AI score
Exploits: 0 | References: 3 | Affected Software: 1

0day.today
added 2018/05/03 12:0 a.m. | 37 views

osCommerce Installer Unauthenticated Code Execution Exploit

If the /install/ directory was not removed, it is possible for an unauthenticated attacker to run the "install4.php" script, which will create the configuration file for the installation. This allows the attacker to inject PHP code into the configuration file and execute it. This module requires...

0.8 AI score
Exploits: 0

exploitpack
added 2018/03/30 12:0 a.m. | 31 views

osCommerce 2.3.4.1 - Remote Code Execution

osCommerce 2.3.4.1 - Remote Code Execution Exploit Title: osCommerce 2.3.4.1 Remote Code Execution Date: 29.0.3.2018 Exploit Author: Simon Scannell - https://scannell-infosec.net Version: 2.3.4.1, 2.3.4 - Other versions have not been tested but are likely to be vulnerable Tested on: Linux, Window...

8.1 AI score
Exploits: 0