CVE-2022-31390

Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forgery SSRF vulnerability via the Update function in app/admin/c/TemplateController.php...

Server side request forgery (ssrf)

Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forgery SSRF vulnerability via the Update function in app/admin/c/TemplateController.php...

CVE-2022-31390

Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forgery SSRF vulnerability via the Update function in app/admin/c/TemplateController.php...

JIZHICMS 代码问题漏洞

Extreme Networks Technology JIZHICMS Extreme CMS is an open source content management system CMS from China's Extreme Networks Technology Company. A security vulnerability exists in JIZHICMS version v2.2.5, which originated from a server-side request forgery SSRF vulnerability discovered through...

CVE-2022-27438

CVE-2022-27438 affects Caphyon Advanced Installer 19.3 and earlier and products using the Advanced Updater. The root cause is a remote code execution vulnerability in the update check function via the CustomDetection parameter. Exploitation requires starting an affected installation to trigger th...

TOTOLINK A3100R 安全漏洞

TotoLink A3100R is a series of wireless routers from TotoLink, Taiwan, China.TotoLink A3100R version V4.1.2cu.5050B20200504 and V4.1.2cu.5247B20211129 are vulnerable to command injection, which originates from uci cloudupdateconfig function in the magicid parameter fails to properly filter the...

CDP.sol update overwrites user's credit on every positive increment

Handle harleythedog Vulnerability details Impact Within CDP.sol there is a function called update. This function slowly decreases the debt of a position as yield is earned, until the debt is fully paid off, and the idea is then that the credit should begin incrementing as more yield is accumulate...

Lack of data validation in update function

Handle Koustre Vulnerability details Impact There is no data validation of the data input into update function in MochiCSSRv0.sol. Allowing anyone to set the price of any non ERC20 token that is not a bluechip asset DAI, WETH, ETH, etc. Proof of Concept Provide direct links to all referenced code...

Historic data being requested as a part of MochiVault.withdraw and borrow functions can be outdated, so a user can avoid historic data update with sending old piece of _data

Handle hyh Vulnerability details Impact Asking to provide historic data proof doesn't imply that pricing is current, a malicious user can wait for market volatility and do deposit/borrow sequence with outdated price, borrowing more than current market value of supplied assets for example, suppose...

MochiCSSRv0.update() Does Not Operate Correctly On Bluechip Assets

Handle leastwood Vulnerability details Impact Mochi vaults query price feeds for updates via the update function in MochiCSSRv0.sol. If the asset to be queried is a bluechip asset, the function will call getPrice on an adapter which adheres to the ICSSRAdapter interface. If the adapter is not...

Traffic Factory: WordPress Plugin Update Confusion at trafficfactory.com

Hi, I'm currently researching a "novel" supply chain attack affecting WordPress plugins, and I believe your website might be vulnerable. The way it works is similar to a recent Dependency Confusion attack, where a malicious actor can take over internal packages unclaimed on PyPI / npm registry. I...

Information disclosure

In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptographic functions directly, causing a crash that could leak sensitive information...

CVE-2020-22535

Incorrect Access Control vulnerability in PbootCMS 2.0.6 via the list parameter in the update function in upgradecontroller.php...

VMware vCenter Server 6.5 / 6.7 Session Hijack (VMSA-2020-0023)

The version of VMware vCenter Server installed on the remote host is 6.5 prior to 6.5u3k or 6.7 prior to 6.7u3. It is, therefore, affected by a session hijack vulnerability in the vCenter Server Appliance. Management Interface update function due to a lack of certificate validation. A malicious...

Cross-Site Scripting (XSS)

BizCharts is vulnerable to cross site scripting. The package fails to sanitize config data in the update function, allowing attackers to inject and execute arbitrary code in a victim's browser...

Session fixation

VMware vCenter Server 6.7 before 6.7u3, 6.6 before 6.5u3k contains a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation. A malicious actor with network positioning between vCenter Server and an update repositor...

CVE-2020-3994

VMware vCenter Server 6.7 before 6.7u3, 6.6 before 6.5u3k contains a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation. A malicious actor with network positioning between vCenter Server and an update repositor...

CVE-2020-3994

CVE-2020-3994 affects VMware vCenter Server (versions 6.7 before 6.7u3, 6.6 before 6.5u3k). It is a session hijack vulnerability in the vCenter Server Appliance Management Interface (VAMI) update function caused by a lack of certificate validation. An attacker with network position between vCente...

CVE-2020-24203

Insecure File Permissions and Arbitrary File Upload in the upload pic function in updatesubcategory.php in Projects World Travel Management System v1.0 allows remote unauthenticated attackers to gain remote code execution...

DEBIAN-CVE-2020-4032

In FreeRDP before version 2.1.2, there is an integer casting vulnerability in updaterecvsecondaryorder. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2...