14 matches found
GHSA-8CPH-M685-6V6R OpenFGA Authorization Bypass
Overview: Some end users of OpenFGA v1.5.0 or later are vulnerable to authorization bypass when calling Check or ListObjects APIs. Am I Affected? You are very likely affected if your model involves exclusion (e.g. `a but not b`) or intersection (e.g. `a and b`) and you have any cyclical relationships. If...
CVE-2022-32995
Halo CMS v1.5.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the template remote download function...
Server side request forgery (ssrf)
Halo CMS v1.5.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the template remote download function...
CVE-2022-28053
Typemill v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
Design/Logic Flaw
Typemill v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-28053
Typemill v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-28053
Typemill v1.5.3 has an arbitrary file upload vulnerability in the upload function that can allow remote arbitrary PHP code execution. Root cause: lack of proper file filtering/restrictions during upload. Impact per CVE: high (CVE-2022-28053) with potential full compromise; CVSS3.1 base score 8.8....
Malicious Package in colour-string
Version 1.5.3 of colour-string contained malicious code as a preinstall script. The package downloaded a file from a remote server, executed it and opened a backdoor. Recommendation: Any computer that has this package installed or running should be considered fully compromised. All secrets and key...
Seccubus v1.5.3 - latest version download
"Tool to automatically fire regular security scans with Nessus. Compare results of the current scan with the previous scan and report on the delta in a web interface. Main objective of the tool is to make repeated scans more efficient." This is mostly a bugfix release. Download Seccubus v1.5.3...
Vulnerability httpdx v1.5.3
#!/usr/bin/perl Program : Httpdx v1.5.3 PoC : Remote Break Services Homepage : http://sourceforge.net/projects/httpdx/ Found by : Jonathan Salwan This Advisory : Jonathan Salwan Contact : [email protected] //----- Application description Single-process HTTP1.1/FTP server; no threads or process...
Httpdx 1.5.3 Remote Break Services
#!/usr/bin/perl Program : Httpdx v1.5.3 PoC : Remote Break Services Homepage : http://sourceforge.net/projects/httpdx/ Found by : Jonathan Salwan This Advisory : Jonathan Salwan Contact : [email protected] //----- Application description Single-process HTTP1.1/FTP server; no threads or process...
Httpdx v1.5.3 Remote Break Server HTTP
Exploit for windows platform in category dos / poc. httpdx v1.5.3 PNG File Handling Remote Denial of Service Vulnerability. Vulnerable: httpdx httpdx 1.5.3...
httpdx 1.5.3 - '.png' File Handling Remote Denial of Service
source: https://www.securityfocus.com/bid/38638/info The 'httpdx' program is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to cause the server to stop responding, denying service to legitimate users. This issue affects httpdx 1.5.3; other versions may also be...
Httpdx 1.5.3 Break Services
#!/usr/bin/perl Program : Httpdx v1.5.3 PoC : Remote Break Services Homepage : http://sourceforge.net/projects/httpdx/ Found by : Jonathan Salwan This Advisory : Jonathan Salwan Contact : [email protected] //----- Application description Single-process HTTP1.1/FTP server; no threads or...