CAGE Web Design | Rolf Van Gelder Security Vulnerabilities

Source: openbugbounty
rolf-bornemann.de Cross Site Scripting vulnerability OBB-3905805
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score 6.2
2024-04-05 01:11 PM

Source: nuclei
Sophos Web Appliance - Remote Code Execution
A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary...
CVSS 9.8 | AI Score 9.7 | EPSS 0.969
2023-04-27 03:42 PM

Source: nuclei
Icinga Web 2 - Arbitrary File Disclosure
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including icingaweb2 configuration files with database...
CVSS 7.5 | AI Score 7.3 | EPSS 0.25
2023-05-08 05:24 PM

Source: ibm
Security Bulletin: IBM Sterling Connect:Direct Web Service is vulnerable to multiple vulnerabilities due to IBM Java
Summary: IBM Sterling Connect:Direct Web Service uses IBM Java SE. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details: CVEID: CVE-2023-36478. DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by an integer overflow and buffer...
CVSS 7.5 | AI Score 9.5 | EPSS 0.732
2024-05-10 04:00 AM

Source: ibm
Security Bulletin: IBM Sterling Connect:Direct Web Service is vulnerable to multiple vulnerabilities due to IBM Java
Summary: IBM Sterling Connect:Direct Web Service uses IBM Java SE. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details: CVEID: CVE-2023-22081. DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could allow a remote...
CVSS 7.8 | AI Score 7.4 | EPSS 0.001
2024-05-10 04:07 AM

Source: ibm
Security Bulletin: IBM Sterling Connect:Direct Web Service is vulnerable to multiple vulnerabilities due to IBM Java
Summary: IBM Sterling Connect:Direct Web Service uses IBM Java SE. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details: CVEID: CVE-2023-21930. DESCRIPTION: An unspecified vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition related to...
CVSS 9.1 | AI Score 10
2024-05-10 04:05 AM

Source: ibm
Security Bulletin: IBM Sterling Connect:Direct Web Service is vulnerable to multiple vulnerabilities due to IBM Java
Summary: IBM Sterling Connect:Direct Web Service uses IBM Java SE. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details: CVEID: CVE-2024-20932. DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow a remote...
CVSS 7.5 | AI Score 6.9 | EPSS 0.001
2024-05-10 04:08 AM

Source: ibm
Security Bulletin: IBM Sterling Connect:Direct Web Service is vulnerable to multiple vulnerabilities due to IBM Java
Summary: IBM Sterling Connect:Direct Web Service uses IBM Java SE. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details: CVEID: CVE-2024-20952. DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow a remote...
CVSS 7.5 | AI Score 7 | EPSS 0.001
2024-05-10 03:58 AM

Source: nuclei
KR-Web <=1.1b2 - Remote File Inclusion
KR-Web 1.1b2 and prior contain a remote file inclusion vulnerability via adm/krgourl.php, which allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT...
AI Score 7.5 | EPSS 0.008
2021-07-06 07:44 PM

Source: cisco
Cisco Finesse Web-Based Management Interface Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to perform a stored cross-site scripting (XSS) attack by exploiting a remote file inclusion (RFI) vulnerability or perform a server-side request forgery (SSRF) attack an...
AI Score 5.9 | EPSS 0.0005
2024-06-05 04:00 PM

Source: osv
Malicious code in virtuoso-web-chat (npm)
Source: ghsa-malware (09f5be1f1f3cad8c43378afb0ddb0aed39e00e1e3169ff5e1559ab4c39d1bf06). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
AI Score 7
2024-06-12 04:14 AM

Source: ibm
Security Bulletin: IBM Sterling Connect:Direct Web Service is vulnerable to multiple vulnerabilities due to IBM Java
Summary: IBM Sterling Connect:Direct Web Service uses IBM Java SE. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details: CVEID: CVE-2023-40167. DESCRIPTION: Jetty is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP/1...
CVSS 6.5 | AI Score 8.5 | EPSS 0.001
2024-05-10 04:03 AM

Source: nuclei
T24 Web Server - Local File Inclusion
T24 web server is vulnerable to unauthenticated local file inclusion that permits an attacker to exfiltrate data directly from...
CVSS 7.5 | AI Score 7.5 | EPSS 0.017
2022-07-07 09:58 PM

Source: nuclei
Smart Office Web 20.28 - Information Disclosure
An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to download sensitive information via the action name parameter to ExportEmployeeDetails.aspx, and to...
CVSS 7.5 | AI Score 7.3 | EPSS 0.014
2023-10-17 07:20 AM

Source: nuclei
ZEROF Web Server 1.0 - SQL Injection
ZEROF Web Server 1.0 (April 2021) allows SQL Injection via the /HandleEvent endpoint for the login...
CVSS 9.8 | AI Score 10 | EPSS 0.071
2022-09-29 04:39 PM

Source: github
Remote code execution in web server context
Impact: Users with administrative privileges can upload files that look like images but contain PHP code, which can then be executed in the context of the web...
CVSS 7.2 | AI Score 7.5 | EPSS 0.0004
2024-06-05 01:29 PM

Source: nuclei
Microstrategy Web 7 - Local File Inclusion
Microstrategy Web 7 is vulnerable to local file inclusion via "/WebMstr7/servlet/mstrWeb" (in the parameter subpage). Remote authenticated users can bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application. NOTE:...
CVSS 4.3 | AI Score 4.4 | EPSS 0.002
2021-06-20 10:26 AM

Source: osv
Remote code execution in web server context
Impact: Users with administrative privileges can upload files that look like images but contain PHP code, which can then be executed in the context of the web...
CVSS 7.2 | AI Score 7.5 | EPSS 0.0004
2024-06-05 01:29 PM

Source: nuclei
Amcrest IP Camera Web Management - Data Exposure
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative...
CVSS 9.8 | AI Score 9.6 | EPSS 0.934
2023-08-10 05:18 AM

Source: veracode
Cross Site Request Forgery (CSRF)
org.apache.zeppelin: zeppelin-web is vulnerable to Cross Site Request Forgery (CSRF). The vulnerability is due to inadequate validation of requests, which allows an attacker to submit malicious requests via...
AI Score 7 | EPSS 0.0004
2024-04-10 11:32 AM

Source: nuclei
WAPPLES Web Application Firewall <=6.0 - Hardcoded Credentials
WAPPLES Web Application Firewall through 6.0 contains a hardcoded credentials vulnerability. It contains a hardcoded system account accessible via db/wp.no1, as configured in the /opt/penta/wapples/script/wcc_auto_scaling.py file. An attacker can use this account to access system configuration and...
CVSS 9.8 | AI Score 9.5 | EPSS 0.768
2022-09-14 04:04 AM

Source: nuclei
Juniper Web Device Manager - Cross-Site Scripting
Juniper Web Device Manager (J-Web) in Junos OS contains a cross-site scripting vulnerability. This can allow an unauthenticated attacker to run malicious scripts reflected off J-Web to the victim's browser in the context of their session within J-Web, which can allow the attacker to steal...
CVSS 6.1 | AI Score 6.5 | EPSS 0.436
2022-10-28 02:58 PM

Source: ibm
Security Bulletin: IBM Sterling Connect:Direct Web Services is vulnerable to privilege escalation due to Spring-Web (CVE-2023-44794)
Summary: IBM Sterling Connect:Direct Web Services uses Spring-Web. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details: CVEID: CVE-2023-44794. DESCRIPTION: Dromara SaToken and SpringBoot could allow a remote authenticated attacker to gain elevated...
CVSS 9.8 | AI Score 7 | EPSS 0.002
2024-05-07 10:07 AM

Source: openbugbounty
rolf-sander.net Improper Access Control vulnerability OBB-3860291
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score 7
2024-02-26 07:35 PM

Source: ibm
Security Bulletin: IBM Sterling Connect:Direct Web Services is vulnerable to security bypass due to PostgreSQL (CVE-2024-0985)
Summary: IBM Connect:Direct Web Services uses PostgreSQL. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details: CVEID: CVE-2024-0985. DESCRIPTION: PostgreSQL could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw...
CVSS 8 | AI Score 8.1 | EPSS 0.001
2024-05-06 04:19 AM

Source: ibm
Security Bulletin: IBM Sterling Connect:Direct Web Services is vulnerable to security bypass due to PostgreSQL (CVE-2024-0985)
Summary: IBM Connect:Direct Web Services uses PostgreSQL. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details: CVEID: CVE-2024-0985. DESCRIPTION: PostgreSQL could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw...
CVSS 8 | AI Score 8.2 | EPSS 0.001
2024-05-06 04:17 AM

Source: ibm
Security Bulletin: IBM Sterling Connect:Direct Web Services is vulnerable to a denial of service due to PostgreSQL (CVE-2023-5870)
Summary: IBM Connect:Direct Web Services uses PostgreSQL. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details: CVEID: CVE-2023-5870. DESCRIPTION: PostgreSQL is vulnerable to a denial of service, caused by a flaw in the pg_signal_backend role. By...
CVSS 4.4 | AI Score 6.6 | EPSS 0.001
2024-05-06 04:15 AM

Source: nuclei
BOA Web Server 0.94.14 - Arbitrary File Access
BOA Web Server 0.94.14 is susceptible to arbitrary file access. The server allows the injection of "../.." using the FILECAMERA variable sent by GET to read files with root privileges and without using access...
CVSS 7.5 | AI Score 7.6 | EPSS 0.735
2022-03-06 10:58 PM

Source: nuclei
Centos Web Panel 0.9.8.480 - Local File Inclusion
Centos Web Panel version 0.9.8.480 suffers from local file inclusion vulnerabilities. Other vulnerabilities including cross-site scripting and remote code execution are also known to impact this...
CVSS 7.5 | AI Score 7.9 | EPSS 0.949
2021-12-01 02:26 AM

Source: nuclei
Artica Web Proxy 4.30 - OS Command Injection
Artica Web Proxy 4.30 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via...
CVSS 8.8 | AI Score 8.7 | EPSS 0.961
2020-08-20 03:38 PM

Source: nuclei
ZEROF Web Server 2.0 - Cross-Site Scripting
ZEROF Web Server 2.0 allows /admin.back cross-site...
CVSS 6.1 | AI Score 6 | EPSS 0.001
2022-02-19 10:32 PM

Source: nuclei
Tiny Java Web Server - Cross-Site Scripting
A reflected cross-site scripting vulnerability in the web server Tiny Java Web Server and Servlet Container (TJWS) <=1.115 allows an adversary to inject malicious code on the server's "404 Page not Found" error...
CVSS 6.1 | AI Score 6 | EPSS 0.003
2021-08-13 10:14 PM

Source: openbugbounty
van-scheijndel.nl Cross Site Scripting vulnerability OBB-3884423
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
AI Score 6.2
2024-03-22 07:52 PM

Source: osv
Misleading UI design: Settings -> VPN
In onResume of AppManagementFragment.java, there is a possible way to prevent users from forgetting a previously connected VPN due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVSS 7.8 | AI Score 6.8 | EPSS 0.0004
2023-06-01 12:00 AM

Source: ibm
Security Bulletin: Security fixes available for The IBM® Engineering System Design Rhapsody products on IBM Jazz Technology
Summary: The IBM® Engineering System Design Rhapsody 9.0.1 iFix006 and The IBM® Engineering System Design Rhapsody 9.0.2 iFix002 contain fixes for a vulnerability identified during an OSS scan. These versions contain upgraded versions of guava-28.0-jre.jar (CVE-2020-8908), httpclient-4.0.jar...
CVSS 9.8 | AI Score 8.1 | EPSS 0.129
2024-04-19 07:11 AM

Source: nuclei
Quttera Web Malware Scanner <= 3.4.1.48 - Sensitive Data Exposure
The Quttera Web Malware Scanner WordPress plugin before 3.4.2.1 doesn't restrict access to detailed scan logs, which allows a malicious actor to discover local paths and portions of the site's...
CVSS 5.3 | AI Score 5.3 | EPSS 0.001
2024-05-16 10:29 AM

Source: nuclei
Satellian Intellian Aptus Web <= 1.24 - Remote Command Execution
Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be...
CVSS 9.8 | AI Score 9.8 | EPSS 0.969
2022-04-19 09:10 PM

Source: nuclei
Joomla! Component Web TV 1.0 - Local File Inclusion
A directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers to read arbitrary files and have possibly other unspecified impacts via a .. (dot dot) in the controller parameter to...
AI Score 5.7 | EPSS 0.046
2021-09-03 12:54 AM

Source: nuclei
CentOS Web Panel 7 <0.9.8.1147 - Remote Code Execution
CentOS Web Panel 7 before 0.9.8.1147 is susceptible to remote code execution via entering shell characters in the /login/index.php component. This can allow an attacker to execute arbitrary system commands via crafted HTTP requests and potentially execute malware, obtain sensitive information,...
CVSS 9.8 | AI Score 9.9 | EPSS 0.974
2023-01-07 07:01 AM

Source: nessus
Aruba VAN SDN Controller Detection
Aruba Virtual Application Networks (VAN) Software Defined Networking (SDN) controller, a unified control point in an OpenFlow-enabled network, is running on the remote...
AI Score 1.4
2019-03-12 12:00 AM

Source: github
Apache Zeppelin CSRF vulnerability in the Credentials page
Cross-Site Request Forgery (CSRF) vulnerability in the Credentials page of Apache Zeppelin allows an attacker to submit malicious requests. This issue affects Apache Zeppelin version 0.9.0 and prior...
AI Score 7.1 | EPSS 0.0004
2024-04-09 12:30 PM

Source: github
SilverStripe Web Cache Poisoning through HTTPRequestBuilder
SilverStripe through 4.4.4 allows Web Cache Poisoning through...
CVSS 5.9 | AI Score 6.8 | EPSS 0.001
2022-05-24 05:22 PM

Source: github
Improper escaping in XWiki Platform
XWiki Platform before 12.8 mishandles escaping in the property...
CVSS 7.5 | AI Score 1.4 | EPSS 0.002
2022-02-09 10:32 PM

Source: cve
CVE-2018-25097
A vulnerability, which was classified as problematic, was found in Acumos Design Studio up to 2.0.7. Affected is an unknown function. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 2.0.8 is able to address this issue. The name of...
CVSS 6.1 | AI Score 6 | EPSS 0.001
2024-01-02 04:15 PM

Source: nuclei
Ruby on Rails Web Console - Remote Code Execution
Ruby on Rails Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-Forwarded-For headers in determining a client's IP address, which allows remote attackers to bypass the whitelisted_ips protection mechanism via a crafted request to...
AI Score 6.1 | EPSS 0.929
2022-04-26 09:55 PM

Source: osv
static-web-server vulnerable to stored Cross-site Scripting in directory listings via file names
Summary: If directory listings are enabled for a directory that an untrusted user has upload privileges for, a malicious file name like <img src>.txt will allow JavaScript code execution in the context of the web server's domain. Details: SWS generally does not perform escaping of...
CVSS 5.8 | AI Score 6.3 | EPSS 0.0004
2024-05-01 04:39 PM

Source: nuclei
Oracle iPlanet Web Server 7.0.x - Authentication Bypass
Oracle iPlanet Web Server 7.0.x has incorrect access control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read access to encryption keys. NOTE: a related support policy can be found in the www.oracle.com references attached to this...
CVSS 7.5 | AI Score 5.5 | EPSS 0.973
2021-05-01 11:08 AM

Source: nuclei
SonicWall GMS and Analytics Web Services - Shell Injection
The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authentication bypass. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier...
CVSS 9.8 | AI Score 9.3 | EPSS 0.052
2023-08-28 01:26 PM

Source: osv
Malicious code in epc-notification-setting-web (npm)
Source: ossf-package-analysis (7e2f6eb6b2d571a457c452301694f5e1f6da8ff1254c78f6837eaef6af78134e). The OpenSSF Package Analysis project identified 'epc-notification-setting-web' @ 66.6.9 (npm) as malicious. It is considered malicious because: ...
AI Score 7.3
2024-05-02 08:52 AM

Source: nuclei
SAP Web Application Server 6.x/7.0 - Open Redirect
frameset.htm in the BSP runtime in SAP Web Application Server (WAS) 6.10 through 7.00 allows remote attackers to log users out and redirect them to arbitrary web sites via a close command in the sap-sessioncmd parameter and a URL in the sap-exiturl...
AI Score 6.7 | EPSS 0.028
2023-06-14 04:30 PM

Total number of security vulnerabilities: 506920