Lucene search
K

4072 matches found

Huntr
Huntr
added 2022/01/16 5:27 a.m.26 views

in hazelcast/hazelcast

Description The AbstractXmlConfigRootTagRecognizer function makes use of SAXParser generated from a SAXParserFactory with no FEATURESECUREPROCESSING set, allowing for XXE attacks. In...

7.5CVSS1.9AI score0.02792EPSS
Exploits2
Huntr
Huntr
added 2022/01/16 5:16 a.m.5 views

in mybatis/generator

Description The isConfigFile function makes use of SAXParser generated from a SAXParserFactory with no FEATURESECUREPROCESSING set, allowing for XXE attacks. In...

1.6AI score
Exploits0
Huntr
Huntr
added 2022/01/15 2:38 p.m.6 views

in jetbrains/kotlin

Description The ModuleXmlParser.parse function makes use of SAXParser generated from a SAXParserFactory with no FEATURESECUREPROCESSING set, allowing for XXE attacks. In...

1.1AI score
Exploits0
Huntr
Huntr
added 2022/01/15 10:40 a.m.11 views

Cross-site Scripting (XSS) - Stored in cyrisxd/love-lock-card

Description Currenty, adding a "+ to the password, or a DOM element to the title, you can inject scripts into HA. I know that this library is meant to be not-secure by design, as stated in the README, and that if someone can update the Lovelance dashboard he can probably execute JS code in other...

7.5AI score
Exploits0
Huntr
Huntr
added 2022/01/15 3:28 a.m.22 views

in stanfordnlp/corenlp

Description When a malicious schema XML file is passed to getValidatingXmlParser, the parser is vulnerable to XXE when the SchemaFactory parses the schema XML file. In...

7.5CVSS1.1AI score0.01217EPSS
Exploits1References1
Huntr
Huntr
added 2022/01/15 1:30 a.m.8 views

Cross-site Scripting (XSS) - Stored in saleor/saleor-dashboard

Description Because the dangerouslySetInnerHTML method is used to output the input value of the DOM, XSS vulnerabilities occur in many logics. Proof of Concept html " Impact Through this vulnerability, an attacker is capable to execute malicious scripts...

0.4AI score
Exploits0References1
Huntr
Huntr
added 2022/01/14 5:43 p.m.17 views

in mruby/mruby

Description There is a NULL Pointer Dereference in preparesingletonclass src/class.c:360:13. This bug has been found on mruby lastest commit hash 171d32c0071d776207174a40a8fa26def3dbb931 on Ubuntu 20.04 for x8664/amd64. Proof of Concept 1.timesb= a=0 0,m:0 c=0=0,nil=nil0 def mend def c.eend Steps...

5CVSS1AI score0.00963EPSS
Exploits1
Huntr
Huntr
added 2022/01/14 12:7 p.m.17 views

Cross-Site Request Forgery (CSRF) in livehelperchat/livehelperchat

Description A CSRF issue is found in the SettingsLive help configurationCanned Messages. It was found that no CSRF token validation is getting done as no CSRF token is getting passed with the request. Also while generating statistics, the action is done through GET method with no CSRF token. Two...

4.3CVSS4.7AI score0.00439EPSS
Exploits1
Huntr
Huntr
added 2022/01/14 9:30 a.m.21 views

Cross-site Scripting (XSS) - Reflected in icecoder/icecoder

Description Cross-Site Scripting XSS attacks are a type of injection, in which malicious scripts are injected into websites. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execut...

3.5CVSS5AI score0.00668EPSS
Exploits1References2
Huntr
Huntr
added 2022/01/14 5:59 a.m.19 views

Cross-Site Request Forgery (CSRF) in livehelperchat/livehelperchat

Description A CSRF issue is found in the SettingsLive help configurationFile Configuration. It was found that no CSRF token validation is getting done as no CSRF token is getting passed with the request. Proof of Concept Actual Request POST /siteadmin/file/configuration HTTP/1.1 Host:...

4.3CVSS5.8AI score0.00512EPSS
Exploits1
Huntr
Huntr
added 2022/01/14 4:35 a.m.7 views

Cross-site Scripting (XSS) - Stored in chaskiq/chaskiq

Description When creating a link using the editor function, the Stored XSS vulnerability occurs because a javascript scheme can be used. Proof of Concept txt 1. Go to campaigns - Mailing Campaigns - Editor 2. Enter the URL: javascript:alertdocument.domain 3. After, Click the URL Video :...

0.9AI score
Exploits0
Huntr
Huntr
added 2022/01/14 3:36 a.m.16 views

Cross-site Scripting (XSS) - Stored in chaskiq/chaskiq

Description When building an app, an XSS vulnerability occurs in the app's name. Proof of Concept txt 1. Go to App Settings 2. Enter " as the name of the app Video : https://www.youtube.com/watch?v=dEFDHHGxzoY Impact Through this vulnerability, an attacker is capable to execute malicious scripts...

3.5CVSS0.9AI score0.006EPSS
Exploits1
Huntr
Huntr
added 2022/01/13 12:42 p.m.20 views

Cross-Site Request Forgery (CSRF) in livehelperchat/livehelperchat

Description A CSRF issue is found in the audit configuration under settings. It was found that no CSRF token validation is getting done on the server-side. If we remove the CSRF token and keep the CSRF token field empty, the action is getting performed. Proof of Concept Request POST...

4.3CVSS4.5AI score0.00434EPSS
Exploits1
Huntr
Huntr
added 2022/01/13 4:39 a.m.20 views

Improper Input Validation in chatwoot/chatwoot

Description This vulnerability impacts all fields sent to Chatwoot. Any field that has an excessive amount of characters in it will cause the agent's page to take an abnormal amount of time to load, often requiring the content to be removed before the page will load. In my example, I put 20000000...

0.4AI score
Exploits0
Huntr
Huntr
added 2022/01/13 1:38 a.m.9 views

Cross-site Scripting (XSS) - Stored in admidio/admidio

Description I can send a message. In the here, I can create a link. But, when i create a link, I can use an onfocus/autofocus attribute after escape the href attribute because do not processing for double quote Proof of Concept txt 1. Open the...

7.3AI score
Exploits0
Huntr
Huntr
added 2022/01/12 7:46 p.m.13 views

Cross-site Scripting (XSS) - Stored in mautic/mautic

Description When installing Mautic both via UI or CLI the first and last name of the admin account are not sanitised before being stored in the database. This results in a possible stored XSS possibility, as those fields are displayed and re-used without any sanitisation. During install the raw...

0.7AI score
Exploits0
Huntr
Huntr
added 2022/01/12 5:31 p.m.24 views

in crater-invoice/crater

Description In recent Crater version e3f3809f tag: 6.0.1 customer with enabled portal function can upload PHP file instead of avatar. Proof of Concept POST /api/v1/company-name/customer/profile HTTP/1.1 Host: 172.17.0.1:8888 User-Agent: Mozilla/5.0 X11; Linux x8664; rv:97.0 Gecko/20100101...

6CVSS7.2AI score0.01413EPSS
Exploits1References1
Huntr
Huntr
added 2022/01/12 3:22 p.m.23 views

in skylot/jadx

Description parseXml function in ExportGradleProject is not secured against XXE because it does not include the disallow-doctype-decl attribute, therefore JADX is vulnerable to XXE when parsing a malicious Android Manifest when exporting Android app to Gradle. In...

4.3CVSS5.2AI score0.01059EPSS
Exploits1
Huntr
Huntr
added 2022/01/12 1:18 p.m.20 views

Cross-site Scripting (XSS) - Stored in e107inc/e107

A Stored Cross-Site Scripting XSS using svg exists in e107 version 2.3.1 Date: 12/1/2022 Exploit Author: Trương Hữu Phúc Contact me: + Github: https://github.com/truonghuuphuc + Facebook: https://www.facebook.com/DdosFulzac.auz1/ + Email: [email protected] + Product: e107 + Version: 2.3.1...

0.2AI score
Exploits0References1
Huntr
Huntr
added 2022/01/12 12:1 p.m.20 views

Cross-Site Request Forgery (CSRF) in yetiforcecompany/yetiforcecrm

Description Hi there, I would like to report a CSRF vulnerability in yetiforcecompany/yetiforcecrm. This allows an attacker to create a new admin. Even when SameSite: Strict enable, this still can be exploited by an attacker with lowest privilege account E.g. guest. Proof of Concept + These are...

6CVSS1.1AI score0.00531EPSS
Exploits1References1
Huntr
Huntr
added 2022/01/12 11:21 a.m.20 views

Cross-site Scripting (XSS) - Stored in chaskiq/chaskiq

Description chaskid is a Open Source Messaging Platform for Marketing, Support & Sales this package is vulnerable for xss Proof of Concept Impact This vulnerability is capable of stored XSS...

4.3CVSS1.2AI score0.00616EPSS
Exploits1
Huntr
Huntr
added 2022/01/12 11:14 a.m.34 views

Heap-based Buffer Overflow in vim/vim

Description A Heap-based Buffer Overflow has been found in vim commit 3cf21b3 Proof of Concept base64 poc ZggwMDAwMDAwMDAwMDAwMDAwMBkwMDAwCmYIMDAwMDAwMCUlJSUlJSUlJSUlMDAwMDD8CmUlJSUl JSUlJSUlJSUlJQp2cwp2MP8wbwo= /fuzzing/vim/vim/src/vim -u NONE -X -Z -e -s -S ./poc -c :qa! ASan stack trace:...

6.8CVSS7.5AI score0.01242EPSS
Exploits1
Huntr
Huntr
added 2022/01/12 6:58 a.m.19 views

Cross-site Scripting (XSS) - Stored in orchardcms/orchardcore

Description The Stored XSS vulnerability occurs because the menu editing function can insert a JavaScript Scheme as the value of the menu's HREF. Proof of Concept txt 1. Go to Content - Menu - Edit 2. Enter javascript:alertdocument.domain as the URL value using the Add or Edit menu function. 3...

3.5CVSS0.3AI score0.00573EPSS
Exploits1
Huntr
Huntr
added 2022/01/12 6:30 a.m.19 views

Cross-Site Request Forgery (CSRF) in phoronix-test-suite/phoronix-test-suite

Description Hi there, I would like to report another CSRF in phoronix Proof of Concept 1. Install a local instance of phoronix 2. Create a benchmark and note down benchmark id 3. Access the link /?benchmark//&repeat, /?benchmark//&disable and /?benchmark//&remove and see that the benchmark is...

4.3CVSS1.1AI score0.00783EPSS
Exploits1
Huntr
Huntr
added 2022/01/12 6:23 a.m.23 views

Exposure of Sensitive Information to an Unauthorized Actor in feross/simple-get

BUG ====== Cookie header leaked to third party site and it allow to hijack victim account SUMMURY ============ When fetching a remote url with Cookie if it get Location response header then it will follow that url and try to fetch that url with provided cookie . So cookie is leaked here to...

5CVSS8.1AI score0.02024EPSS
Exploits1
Huntr
Huntr
added 2022/01/12 5:25 a.m.13 views

Exposure of Sensitive Information to an Unauthorized Actor in sscarduzio/elasticsearch-readonlyrest-plugin

Description elasticsearch-readonlyrest-plugin is using TLS. There are many serious vulnerabilities in early TLS that left unaddressed put organizations at risk of being breached. The widespread POODLE and BEAST exploits are just a couple of examples of how attackers have taken advantage of...

1.2AI score
Exploits0References1
Huntr
Huntr
added 2022/01/11 7:9 p.m.39 views

in log4js-node/log4js-node

BUG ======== any unprivileged user can see log file and sensitive information disclosed SUMMURY ============ log4js create log file to store the log . Log may contain many sentsitive information like username,password,token,api-key etc .\ So, this log file should not accessed by other user .\ But...

0.2AI score
Exploits0
Huntr
Huntr
added 2022/01/11 5:32 p.m.20 views

Cross-site Scripting (XSS) - Stored in orchardcms/orchardcore

Description The application does not escape special characters before output to FE, lead to stored XSS. Proof of Concept 1. Go to Workflows Create Workflow Add Task/Event 2. Set a title with XSS payload, e.g: aa Impact XSS can have huge implications for a web application and its users. User...

3.5CVSS1.8AI score0.00642EPSS
Exploits1
Huntr
Huntr
added 2022/01/11 12:42 p.m.11 views

Cross-site Scripting (XSS) - Stored in admidio/admidio

Description Stored xss Proof of Concept txt onmouseover="alert1"link Video : https://drive.google.com/file/d/1WzArNdgXgjVOS6qsePRvGWIz6ljtxApx/view?usp=sharing Impact Through this vulnerability, an attacker is capable to execute malicious scripts...

0.7AI score
Exploits0
Huntr
Huntr
added 2022/01/11 12:25 p.m.21 views

Improper Privilege Management in delgan/loguru

BUG ======== unprivileged user can see log file and sensitive information disclosed SUMMURY ============ loguru create log file to store the log . Log may contain many sentsitive information like username,password,token,key etc .\ So, this log file should not accessed by other user .\ But when...

4CVSS0.4AI score0.00758EPSS
Exploits1
Huntr
Huntr
added 2022/01/11 5:14 a.m.19 views

in stanfordnlp/corenlp

Description The TransformXML function makes use of SAXParser generated from a SAXParserFactory with no FEATURESECUREPROCESSING set, allowing for XXE attacks. In...

5.8CVSS1AI score0.00739EPSS
Exploits1
Huntr
Huntr
added 2022/01/11 4:14 a.m.23 views

Cross-site Scripting (XSS) - Stored in pimcore/pimcore

Description pimcore is vulnerable to Stored XSS at Name field in the setting tab of the Global Targeting Rules. Steps to reproduce 1.Go to https://demo.pimcore.fun/admin/ and login. 2.In the left menu bar, click the Marketing icon then choose Personalization / Targeting - Global Targeting Rules...

3.5CVSS0.00664EPSS
Exploits1
Huntr
Huntr
added 2022/01/11 3:0 a.m.12 views

Business Logic Errors in silverstripe/silverstripe-framework

Description SilverStripe Framework is vulnerable to Business Logic Errors in the Failed login count since that value can be a negative number. Proof of Concept 1.After login, go to Security page under the path /admin/security/ 2.Click on any member record 3.In the member edit form, enter a negati...

1.2AI score
Exploits0
Huntr
Huntr
added 2022/01/10 8:37 p.m.13 views

in ionicabizau/parse-url

Description urldomain validation bypass Proof of Concept parse-url not able verify urldomain properly when basic authentication is given .This allow to bypass hostname validation . Lets username is admin and password is password123@ and hostname is 127.0.0.1 . so the url will be...

7.5AI score
Exploits0
Huntr
Huntr
added 2022/01/10 4:50 p.m.10 views

in vim/vim

Description Memory Allocation with Excessive Size Value Proof of Concept base64 poc aAp2ewp5Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3NzcKXQo= vim -u NONE -X -Z -e -s -S ./poc -c :qa! ==1206187==ERROR: AddressSanitizer: requested allocation size 0xfffffffffffffff8 0x7f8 after adjustments for alignment, red zones...

1.5AI score
Exploits0
Huntr
Huntr
added 2022/01/10 2:34 p.m.16 views

Cross-Site Request Forgery (CSRF) in phoronix-test-suite/phoronix-test-suite

Description Hello phoronix test suite maintainer team, there is a Cross site request forgery vulnerability in phoronix test suite. Proof of Concept 1. Install phoronix test suite on your system 2. Create a test suite 3. Open another tab in browser and go to the link /?localsuites/delete/-1.0.0, f...

6.8CVSS0.3AI score0.00736EPSS
Exploits1
Huntr
Huntr
added 2022/01/10 4:48 a.m.14 views

Cross-site Scripting (XSS) - Generic in projectsend/projectsend

Description Cross-Site Scripting XSS attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a differen...

0.2AI score
Exploits0
Huntr
Huntr
added 2022/01/10 3:59 a.m.21 views

Cross-Site Request Forgery (CSRF) in phoronix-test-suite/phoronix-test-suite

Description Hi there, I would like to report a Cross Site Request Forgery in phoronix source code. Cross-site request forgery also known as CSRF is a web security vulnerability that allows an attacker to induce users to perform actions that they do not intend to perform. It allows an attacker to...

6.8CVSS1AI score0.0081EPSS
Exploits1References1
Huntr
Huntr
added 2022/01/09 7:39 p.m.18 views

Improper Access Control in snipe/snipe-it

Description A user with no rights for API tokens can view the page where API tokens can be generated and can generate API tokens. Proof of Concept - Create a user with no permission for anything i.e. everything on deny. - Log in with this user to the web application. - Visit...

5.5CVSS0.2AI score0.00664EPSS
Exploits1
Huntr
Huntr
added 2022/01/09 4:52 p.m.16 views

SQL Injection in dolibarr/dolibarr

Description The searchusers parameter does not sanitise and escape the option parameter before using it in a SQL statement, which could lead to SQL injection. Proof of Concept Slow query example: POST /dolibarr-14.0.5/htdocs/compta/sociales/list.php HTTP/1.1 Content-Type:...

7.5CVSS0.7AI score0.01995EPSS
Exploits1
Huntr
Huntr
added 2022/01/09 4:8 p.m.13 views

Business Logic Errors in dolibarr/dolibarr

Description The application does not check the input of price number lead to Business Logic error through negative price amount. Proof of Concept 1. Go to Product and Services area htdocs/product/index.php 2. Create a new or edit an item, insert a negative amount into Selling price field. Also in...

4CVSS2AI score0.00851EPSS
Exploits1
Huntr
Huntr
added 2022/01/09 1:12 p.m.19 views

Cross-site Scripting (XSS) - DOM in mrdoob/three.js

Description DOM-based XSS is a vulnerability in which the attacker can inject arbitrary javascript code in any DOM sink that supports dynamic code execution. In our case, source is window.location.hash and sink is iframe.src Proof of Concept 1 Visit...

1AI score
Exploits0
Huntr
Huntr
added 2022/01/09 7:19 a.m.25 views

SQL Injection in pimcore/pimcore

Description The storeId parameter does not sanitise and escape the option parameter before using it in a SQL statement, which could lead to SQL injection. Proof of Concept 1. Add items to Classification Store: Key definition, Group,... 2. Injection boolean base:...

6.5CVSS0.8AI score0.01626EPSS
Exploits1
Huntr
Huntr
added 2022/01/08 9:42 p.m.32 views

Insecure Temporary File in mlflow/mlflow

Description mlflow package is using the deprecated function tempfile.mktemp which is not secure. Because a different process may create a file with this name in the time between the call to mktemp and the subsequent attempt to create the file by the first process. Impact Availability will get...

5CVSS2.7AI score0.01551EPSS
Exploits1References1
Huntr
Huntr
added 2022/01/08 3:40 p.m.21 views

Improper Access Control in chocobozzz/peertube

Description Unauthenticated users can obtain comments on private videos Proof of Concept Vísit the following API link where 123 is the ID of the private video: /api/v1/videos/123/comment-threads Response contains all the comments on that private video. Impact This vulnerability disclosure comment...

4CVSS3.5AI score0.00684EPSS
Exploits0
Huntr
Huntr
added 2022/01/08 3:24 p.m.39 views

Heap-based Buffer Overflow in vim/vim

Description Heap-buffer-overflow in vim Command ./vim -u NONE -X -Z -e -s -S minpoc -c :qa! Proof of Concept minpoc is here. bt Program received signal SIGABRT, Aborted. GIraise sig=sig@entry=6 at ../sysdeps/unix/sysv/linux/raise.c:50 50 ../sysdeps/unix/sysv/linux/raise.c: No such file or...

6.8CVSS1.2AI score0.01687EPSS
Exploits1
Huntr
Huntr
added 2022/01/08 3:7 p.m.22 views

Cross-site Scripting (XSS) - DOM in karma-runner/karma

Description DOM-based XSS is a vulnerability in which the attacker can inject arbitrary javascript code in any DOM sink that supports dynamic code execution. In our case, source is query parameter returnurl and sink is location.href. Proof of Concept 1 Start karma server and visit the following...

4.3CVSS0.8AI score0.15174EPSS
Exploits1
Huntr
Huntr
added 2022/01/08 6:26 a.m.8 views

Cross-site Scripting (XSS) - Stored in outline/outline

Description outline is a fastest wiki and knowledge base for growing teams. Beautiful, feature rich, and markdown compatible. this package is vulnerable for stored XSS Proof of Concept Or here is the original video Impact This vulnerability is capable of Stored XSS...

1.5AI score
Exploits0
Huntr
Huntr
added 2022/01/08 12:10 a.m.21 views

Insecure Temporary File in horovod/horovod

Description horovod package is using the deprecated function tempfile.mktemp which is not secure. Because a different process may create a file with this name in the time between the call to mktemp and the subsequent attempt to create the file by the first process. Impact Availability will get...

5CVSS1.7AI score0.00922EPSS
Exploits0
Huntr
Huntr
added 2022/01/07 6:23 p.m.32 views

in unshiftio/url-parse

Description Improperly handeling username and password . And unable to detect the hostname . Proof of Concept url-parse not able verify basic authentication credential and also wrongly verifying hostname .This allow to bypass hostname validation .\ Lets username is admin and password is...

5CVSS7.2AI score0.01782EPSS
Exploits1
Total number of security vulnerabilities4072