15 matches found
Shopware: Privilege escalation: non-admin user with user:create ACL can create admin accounts
UserController::upsertUser writes user data in SYSTEMSCOPE and does not filter the admin field. A non-admin API user with user:create or user:update ACL permission can set admin: true on new or existing users, escalating to full admin access. The Problem In...
ciguard: Container image runs as root (no USER directive)
Summary The published ghcr.io/jo-jo98/ciguard container image inherits the default root user because the Dockerfile lacks a USER directive. ciguard is a static analyser with no need for root privileges; running as root inside a container makes any future container-runtime escape CVE more impactfu...
EUVD-2018-5266
Malware in sbrugna...
Cross site request forgery (csrf)
MyT Project Management 1.5.1 lacks CSRF protection and, for example, allows a user/create CSRF attack. This could lead to an attacker tricking the administrator into executing arbitrary code via a specially crafted HTML page...
CVE-2019-15496
MyT Project Management 1.5.1 lacks CSRF protection and, for example, allows a user/create CSRF attack. This could lead to an attacker tricking the administrator into executing arbitrary code via a specially crafted HTML page...
CVE-2019-15496
The CVE-2019-15496 entry concerns MyT Project Management 1.5.1, which reportedly lacks CSRF protection and enables a CSRF attack that could trick an administrator into executing arbitrary code via a crafted HTML page. The connected sources confirm the affected product/version and the underlying i...
Cross site scripting
An issue was discovered in Ampache through 3.9.1. A stored XSS exists in the localplay.php LocalPlay "add instance" functionality. The injected code is reflected in the instances menu. This vulnerability can be abused to force an admin to create a new privileged user whose credentials are known b...
Buffalo TS5600D1206 Command Injection Vulnerability (CNVD-2019-00674)
The Buffalo TS5600D1206 is a network storage device from the Buffalo Group of Japan. A command injection vulnerability exists in the User.create method in the Buffalo TS5600D1206 version 3.61-0.10, which can be exploited to execute system commands with the 'name' parameter...
CVE-2018-13318
System command injection in User.create method in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to execute system commands via the "name" parameter...
Free Reprintables ArticleFR Has Multiple Cross-Site Request Forgery Vulnerabilities
Free Reprintables ArticleFR is an article directory scripting system from Free Reprintables Philippines. Free Reprintables ArticleFR 3.0.6 suffers from multiple cross-site request forgery vulnerabilities that allow remote attackers to hijack an administrator authentication request to add an...
WordPress SL User Create Plugin <= 0.2.4 - Information Disclosure
Because of this vulnerability, attackers can obtain sensitive information. Solution Update the plugin...
SL User Create 0.2.4 - LSL script Secret String Weakness Information Disclosure
The SL User Create WordPress plugin was affected by a LSL script Secret String Weakness Information Disclosure security vulnerability...
CVE-2011-4743
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving smb/user/create and certain other files...
ATutor AChecker 1.2 SQL Injection
AChecker 1.2 Multiple Error-Based SQL Injection vulnerabilities Vendor: ATutor Inclusive Design Institute Product web page: http://www.atutor.ca Affected version: 1.2 build r530 Summary: AChecker is an open source Web accessibility evaluation tool. It can be used to review the accessibility of We...