CAGE Web Design | Rolf Van Gelder Security Vulnerabilities

Web Cache Poisoning Denial of Service

A caching system has been detected on the application and is vulnerable to web cache poisoning. By manipulating specific unkeyed inputs (headers or cookies that are not included when generating the cache key) it was possible to force the caching system to cache a response that contains...

N-able N-central Web Interface Detection

The web interface for N-able N-central was detected on the remote...

Oracle WebLogic Web Services Test Client Detection

Oracle WebLogic Web services test client was detected on the remote...

CVE-2022-38046 Web Account Manager Information Disclosure Vulnerability

...

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Device Config Disclosure

...

QNAP QTS/QES/QuTS hero - Web Detection

Detects the web interface for QNAP QTS/QES/QuTS hero on the remote...

SAP BusinessObjects Business Intelligence Platform Web Detection.

SAP BusinessObjects Business Intelligence Platform web interface detected on remote...

D-Link DIR Router Web Interface Detection

Nessus was able to detect the web interface for a D-Link DIR router on the remote...

Emerson SM-Ethernet Web Interface Default Credentials

It was possible to log into the remote Emerson SM-Ethernet web interface by providing the default credentials. A remote attacker can exploit this to gain administrative...

Honeywell XL Web Controller FTP Directory Traversal

The remote host is a Honeywell XL Web SCADA controller that is running a firmware version affected by a directory traversal vulnerability in the FTP server. A remote, unauthenticated attacker can exploit this to gain access to the web root...

EMC Cloud Tiering Appliance Web Interface Detection

The remote web server is the user interface for EMC Cloud Tiering Appliance (CTA), an appliance-based solution for file tiering, archiving and...

Tridium Niagara AX Web Server Multiple Vulnerabilities

The remote host is running a version of Tridium Niagara AX Web Server that is affected by multiple vulnerabilities : A directory traversal vulnerability exists that allows access to a file that stores login usernames and passwords. (CVE-2012-4027) The system insecurely stores user...

Trellix Enterprise Security Manager Web Interface Detection

The web interface for Trellix Enterprise Security Manager (formerly known as McAfee Enterprise Security Manager) was detected on the remote...

Zyxel Unified Security Gateway (USG) Web Detection

The web UI for Zyxel Unified Security Gateway (USG) was detected on the remote host. Note: HTTP basic authentication credentials are required by the CGI for obtaining granular version...

VISAM Automation Base (VBASE) Web-Remote Detection

The VISAM Automation Base (VBASE) Web-Remote service, a web-based remote interface to VBASE, is running on the remote...

Cisco Small Business Router Web UI Detection

Cisco Small Business router web user interface detected on remote host. Note that HTTP credentials are required to retrieve the...

Cisco Firepower Device Manager Web Interface Detection

The remote host is running the Firepower Device Manager, which allows for the configuration of FTD...

Cisco UCS Platform Emulator Web UI Detection

Cisco Unified Computing System (UCS) Platform Emulator, software for emulating Cisco UCS hardware communications, is running on the remote...

MicroLogix 1400 PLC Web Server Multiple Vulnerabilities

The firmware installed on the remote Allen-Bradley MicroLogix 1400 PLC device is a version prior to 15.003. It is, therefore, affected by multiple vulnerabilities : A flaw exists due to improper sanitization of user-supplied input before using it in SQL queries. An authenticated, remote...

Honeywell FALCON XL Web Controller Multiple Vulnerabilities

The remote host is a Honeywell FALCON XL Web SCADA controller that is running a firmware version affected by the following vulnerabilities : The change password page can be accessed without authentication to determine users' password hashes, which can allow a remote attacker to gain...

CVE-2024-36107

MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. If-Modified-Since and If-Unmodified-Since headers when used with anonymous requests by sending a random object name requests can be used to determine if an object exists or not on the server on a...

CVE-2023-23636

In Jellyfin 10.8.x through 10.8.3, the name of a playlist is vulnerable to stored XSS. This allows an attacker to steal access tokens from the localStorage of the...

CVE-2024-4235 Netgear DG834Gv5 Web Management Interface cleartext storage

A vulnerability classified as problematic was found in Netgear DG834Gv5 1.6.01.34. This vulnerability affects unknown code of the component Web Management Interface. The manipulation leads to cleartext storage of sensitive information. The attack can be initiated remotely. The exploit has been...

CVE-2023-4479 Stored XSS Vulnerability in M-Files Web

Stored XSS Vulnerability in M-Files Web versions before 23.8 allows attacker to execute script on users browser via stored HTML document within limited time...

CVE-2024-4235 Netgear DG834Gv5 Web Management Interface cleartext storage

A vulnerability classified as problematic was found in Netgear DG834Gv5 1.6.01.34. This vulnerability affects unknown code of the component Web Management Interface. The manipulation leads to cleartext storage of sensitive information. The attack can be initiated remotely. The exploit has been...

Cisco Unified MeetingPlace Web Conferencing Unauthorized Password Change Security Bypass

According to its self-reported version number, the installation of Cisco Unified MeetingPlace Web Conferencing hosted on the remote web server is potentially affected by a security bypass vulnerability due to the lack of validation of the current password and HTTP session ID during a password...

CVE-2023-23635

In Jellyfin 10.8.x through 10.8.3, the name of a collection is vulnerable to stored XSS. This allows an attacker to steal access tokens from the localStorage of the...

Generic HTTP Directory Traversal (Web Application URL Parameter) - Active Check

Generic check for HTTP directory traversal vulnerabilities within URL parameters of the remote web...

Veeam ONE Web Client Page Fails to Load After Updating .NET Runtime Components

Make sure all .NET runtime versions match, then restart the Veeam ONE Reporting...

CVE-2022-41142

This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to configure poller resources. The issue results from the lack of proper...

CVE-2024-31556

An issue in Reportico Web before v.8.1.0 allows a local attacker to execute arbitrary code and obtain sensitive information via the sessionid...

Have Web Trust Issues? Bot Management Can Help

...

GetSimple CMS 3.3.13 - Open Redirect

GetSimple CMS 3.3.13 contains an open redirect vulnerability via the admin/index.php redirect parameter. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized...

CVE-2024-35326

libyaml v0.2.5 is vulnerable to Buffer Overflow. Affected by this issue is the function yaml_emitter_emit of the file /src/libyaml/src/emitter.c. The manipulation leads to a double-free. Notes Author| Note ---|--- jdstrand | golang-goyaml is a go translation of libyaml and shouldn't share...

MinIO information disclosure vulnerability in github.com/minio/minio

MinIO information disclosure vulnerability in...

SQL Injection

mocodo is vulnerable to SQL Injection. The vulnerability is due to improper sanitization of the sql_case input field in /web/generate.php, allowing remote attackers to execute arbitrary SQL commands and potentially command injection, leading to remote code execution (RCE) under certain...

CVE-2024-30370 RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability

RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-Of-The-Web protection mechanism on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must perform a specific action....

CVE-2024-30370 RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability

RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-Of-The-Web protection mechanism on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must perform a specific action....

Remote Code Execution (RCE)

mocodo is vulnerable to Remote Code Execution. The vulnerability is due to improper input validation at /web/rewrite.php, which allows an attacker to inject and execute arbitrary...

Sensitive Information Disclosure

github.com/minio/minio/ is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the ability to infer the existence of objects on a server by sending anonymous requests with random object...

Malicious code in cuckoo-3-web-ui-tooling (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (adbea70f2acb33710c8ecb7e13e55c24980ccd349854aa6c82915d2829359e15) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-45725

Design document functions which receive a user http request object may expose authorization or session cookie headers of the user who accesses the document. These design document functions are: * list * show * rewrite * update An attacker can leak the session component using an...

Apache ActiveMQ 5.x < 5.14.2 Web-based Administration Console Unspecified XSS

The version of Apache ActiveMQ running on the remote host is 5.x prior to 5.14.2. It is, therefore, affected by a cross-site scripting (XSS) vulnerability in the web-based administration console due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit...

ManageEngine - Remote Command Execution

Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for certain security...

CVE-2021-43214 Web Media Extensions Remote Code Execution Vulnerability

...

Improper Authorization

github.com/hashicorp/vault is vulnerable to Improper Authorization. The vulnerability is due to the JWT auth method improperly validating the audience and role-bound claims, allowing invalid logins to succeed when they should have been...

CVE-2024-4175 Improper Input Validation vulnerability in Hyperion Web Server

Unicode transformation vulnerability in Hyperion affecting version 2.0.15. This vulnerability could allow an attacker to send a malicious payload with Unicode characters that will be replaced by ASCII...

CVE-2024-25646 Information Disclosure vulnerability in SAP BusinessObjects Web Intelligence

Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an authenticated attacker to access operating system information using crafted document. On successful exploitation there could be a considerable impact on confidentiality of the...

Lin CMS Spring Boot - Default JWT Token

An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers to access the backend information and functions within the...

CVE-2024-35325

A vulnerability was found in libyaml up to 0.2.5. Affected by this issue is the function yaml_event_delete of the file /src/libyaml/src/api.c. The manipulation leads to a double-free. Notes Author| Note ---|--- jdstrand | golang-goyaml is a go translation of libyaml and shouldn't share...