Lucene search

56 matches found

OSV
added 2026/01/28 7:16 p.m.

CVE-2022-40619

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, exposes an HTTP server over the LAN interface of affected devices. This interface is vulnerable to unauthenticated arbitrary command injection through the funjsqaccesstoken parameter. This affects R6230 before...

CVSS 7.7, AI score 5.9
Exploits: 0, References: 2
EUVD
added 2025/10/07 12:30 a.m.

EUVD-2010-4553

Malware in sbrugna...

CVSS 9.3, AI score 6.2, EPSS 0.00574
Exploits: 0, References: 5
EUVD
added 2025/10/07 12:30 a.m.

EUVD-2019-0389

Malware in sbrugna...

CVSS 9.3, AI score 8, EPSS 0.00514
Exploits: 1, References: 5
Github Security Blog
added 2024/05/15 10:03 p.m.

Read private customer data reclaiming carts in Klaviyo Magento

A researcher identified an endpoint in the third-party module Klaviyo Magento 2 which allows reading private customer data from stores. It works by reclaiming any guest cart as your own and reading the private data for the orders in the Magento API...

AI score 6.9
Exploits: 0, References: 4, Affected software: 1
OSV
added 2024/05/15 10:03 p.m.

GHSA-HVGW-GG3P-295J Read private customer data reclaiming carts in Klaviyo Magento

A researcher identified an endpoint in the third-party module Klaviyo Magento 2 which allows reading private customer data from stores. It works by reclaiming any guest cart as your own and reading the private data for the orders in the Magento API...

AI score 6.9
Exploits: 0, References: 4
CVE
added 2024/04/15 5:47 p.m.

CVE-2023-48710

CVE-2023-48710 affects iTop where files in the env-production folder could be retrieved despite restricted access. The issue is mitigated by fixes in iTop versions 2.7.10, 3.0.4, 3.1.1, and 3.2.0, which include restricting file retrieval and limiting execution in pages/exec.php to PHP files. Conn...

CVSS 9.8, AI score 9.2, EPSS 0.00427
Exploits: 0, References: 2, Affected software: 1
OSV
added 2024/04/15 5:47 p.m.

CVE-2023-48710 iTop limit pages/exec.php script to PHP files

iTop is an IT service management platform. Files from the env-production folder can be retrieved even though they should have restricted access. Hopefully, there are no sensitive files stored in that folder natively, but there could be from a third-party module. The pages/exec.php script has been...

CVSS 9.8, AI score 7.8, EPSS 0.00427
Exploits: 0, References: 4
Hive Pro Threat Advisories
added 2023/09/21 6:05 a.m.

Trend Micro Addresses Zero-Day Flaws Exploited in the Wild

Summary: A critical zero-day vulnerability, tracked as CVE-2023-41179, has been identified in the third-party AV uninstaller module contained in Trend Micro Apex One, Worry-Free Business Security, and...

AI score 8.1, EPSS 0.0253
Exploits: 0
ATTACKERKB
added 2023/05/20 10:15 a.m.

CVE-2023-2712

Unrestricted Upload of File with Dangerous Type vulnerability in "Rental Module", developed by a third party for Ideasoft's E-commerce Platform, allows Command Injection, Using Malicious Files, and Uploading a Web Shell to a Web Server. This issue affects Rental Module: before 23.05.15...

CVSS 9.8, AI score 7.3, EPSS 0.00263
Exploits: 0, References: 3
ATTACKERKB
added 2023/05/20 10:15 a.m.

CVE-2023-2713

Authorization Bypass Through User-Controlled Key vulnerability in "Rental Module", developed by a third party for Ideasoft's E-commerce Platform, allows Authentication Abuse and Authentication Bypass. This issue affects Rental Module: before 23.05.15...

CVSS 9.8, AI score 7.3, EPSS 0.00031
Exploits: 0, References: 3
Prion
added 2023/05/20 10:15 a.m.

Design/Logic Flaw

Unrestricted Upload of File with Dangerous Type vulnerability in "Rental Module", developed by a third party for Ideasoft's E-commerce Platform, allows Command Injection, Using Malicious Files, and Uploading a Web Shell to a Web Server. This issue affects Rental Module: before 23.05.15...

CVSS 7.5, AI score 9.4, EPSS 0.00263
Exploits: 0, References: 1, Affected software: 1
SUSE CVE
added 2023/02/15 5:55 a.m.

SUSE CVE-2010-4587

Opera before 11.00 on Windows does not properly implement the Insecure Third Party Module warning message, which might make it easier for user-assisted remote attackers to have an unspecified impact via a crafted module...

CVSS 9.3, AI score 6.8, EPSS 0.00574
Exploits: 0, References: 3
Hacker One
added 2020/05/11 10:23 p.m.

Node.js third-party modules: [plain-object-merge] Prototype pollution

I would like to report a prototype pollution vulnerability in plain-object-merge module. It allows an attacker to inject properties on Object.prototype. Module module name: plain-object-merge version: 1.0.1 npm page: https://www.npmjs.com/package/plain-object-merge Module Description Extremely fa...

AI score 0.8
Exploits: 0
Hacker One
added 2020/05/09 2:16 p.m.

Node.js third-party modules: SQL Injection or Denial of Service due to a Prototype Pollution

I would like to report a prototype pollution vulnerability in the typeorm package. It allows an attacker that is able to save a specially crafted object to pollute the Object prototype and cause side effects on the library/application logic, such as denial-of-service attacks and/or SQL injection...

CVSS 7.5, AI score 0.6, EPSS 0.00284
Exploits: 2
Hacker One
added 2020/05/01 11:39 a.m.

Node.js third-party modules: [extra-asciinema] Command Injection via insecure command formatting

I would like to report a Command Injection issue in the extra-asciinema module. It allows executing arbitrary commands on the victim's PC. Module module name: extra-asciinema version: 1.0.5 npm page: https://www.npmjs.com/package/extra-asciinema Module Description asciinema is a terminal screen...

AI score 1.2
Exploits: 0
Hacker One
added 2019/11/29 12:48 a.m.

Node.js third-party modules: [express-laravel-passport] Improper Authentication

I would like to report Improper Authentication in express-laravel-passport. It allows forging a user's identity. Module module name: express-laravel-passport version: 1.1.2 npm page: https://www.npmjs.com/package/express-laravel-passport Module Description You want a middleware support express get...

AI score 7.3
Exploits: 0
Hacker One
added 2019/11/13 2:12 a.m.

Node.js third-party modules: [authmagic-timerange-stateless-core] Improper Authentication

I would like to report Improper Authentication in authmagic-timerange-stateless-core. It allows forging a user's identity. Module module name: authmagic-timerange-stateless-core version: 0.0.9 npm page: https://www.npmjs.com/package/authmagic-timerange-stateless-core Module Description Stateless an...

AI score 7
Exploits: 0
Hacker One
added 2019/06/02 7:16 a.m.

Node.js third-party modules: [public] Path traversal using symlink

I would like to report a Path traversal vulnerability in the public module. Module module name: public version: 0.1.4 npm page: https://www.npmjs.com/package/public Module Description Run static file hosting server with specified public dir & port. Support a "directory index" like Apache httpd. Module...

AI score 1
Exploits: 0
Hacker One
added 2019/04/17 7:20 p.m.

Node.js third-party modules: [https-proxy-agent] Socket returned without TLS upgrade on non-200 CONNECT response, allowing request data to be sent over unencrypted connection

I would like to report a man-in-the-middle vulnerability in https-proxy-agent. It allows an attacker with access to the network firewall or targeted proxy server to obtain secrets, e.g. an HTTP basic auth header, from the client trying to send HTTPS traffic via an HTTP proxy. Module module name:...

AI score 7.2
Exploits: 0
OSV
added 2019/03/21 4:01 p.m.

CVE-2019-5414

If an attacker can control the port, which in itself is a very sensitive value, they can inject arbitrary OS commands due to the usage of the exec function in a third-party module kill-port 1.3.2...

CVSS 8.1, AI score 6.8
Exploits: 0, References: 1