CAGE Web Design | Rolf Van Gelder Security Vulnerabilities

CVE-2023-7116

A vulnerability, which was classified as critical, has been found in WeiYe-Jing datax-web 2.1.2. Affected by this issue is some unknown functionality of the file /api/log/killJob of the component HTTP POST Request Handler. The manipulation of the argument processId leads to os command injection....

CVE-2007-10001

A vulnerability classified as problematic has been found in web-cyradm. This affects an unknown part of the file search.php. The manipulation of the argument searchstring leads to sql injection. It is recommended to apply a patch to fix this issue. The identifier VDB-217449 was assigned to this...

Security Bulletin: IBM Sterling Connect:Direct Web Services is vulnerable to a denial of service due to Eclipse Jetty (CVE-2024-22201)

Summary IBM Sterling Connect:Direct Web Services uses Eclipse Jetty. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details ** CVEID: CVE-2024-22201 DESCRIPTION: **Eclipse Jetty is vulnerable to a denial of service, caused by a flaw when an HTTP/2...

CVE-2023-0287

A vulnerability was found in ityouknow favorites-web. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Comment Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the.....

Coaster CMS Stored Cross-site Scripting vulnerability

A Stored Cross-site Scripting vulnerability has been discovered in the v5.5.0 version of the Coaster CMS...

SSRF (Server-Side Request Forgery) org.springframework:spring-web Dependency in Bitbucket Data Center and Server

This High severity org.springframework:spring-web Dependency vulnerability was introduced in versions 8.0.0, 8.1.0, 8.2.0, 8.3.0, 8.4.0, 8.5.0, 8.6.0, 8.7.0, 8.8.0, 8.9.0, 8.10.0, 8.11.0, 8.12.0, 8.13.0, 8.14.0-eap01, 8.15.0, 8.16.0, 8.17.0, 8.18.0, and 8.19.0 of Bitbucket Data Center and Server......

Security Bulletin: IBM Sterling Connect:Direct Web Service is vulnerable to sensitive information exposure due to PostgreSQL (CVE-2023-5868)

Summary IBM Connect:Direct Web Services uses PostgreSQL. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details ** CVEID: CVE-2023-5868 DESCRIPTION: **PostgreSQL could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw...

CVE-2022-4960

A vulnerability, which was classified as problematic, has been found in cloudfavorites favorites-web 1.3.0. Affected by this issue is some unknown functionality of the component Nickname Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has...

CVE-2019-25088

A vulnerability was found in ytti Oxidized Web. It has been classified as problematic. Affected is an unknown function of the file lib/oxidized/web/views/conf_search.haml. The manipulation of the argument to_research leads to cross site scripting. It is possible to launch the attack remotely. The.....

CVE-2021-45099

The addon.stdin service in addon-ssh (aka Home Assistant Community Add-on: SSH & Web Terminal) before 10.0.0 has an attack surface that requires social engineering. NOTE: the vendor does not agree that this is a vulnerability; however, addon.stdin was removed as a defense-in-depth measure against.....

CVE-2007-10002

A vulnerability, which was classified as critical, has been found in web-cyradm. Affected by this issue is some unknown functionality of the file auth.inc.php. The manipulation of the argument login/login_password/LANG leads to sql injection. The attack may be launched remotely. The name of the...

CVE-2017-20185

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Fuzzy SWMP. It has been rated as problematic. This issue affects some unknown processing of the file swmp.php of the component GET Parameter Handler. The manipulation of the argument theme leads to cross site scripting. The attack may be....

Mattermost crashes web clients via a malformed custom status in github.com/mattermost/mattermost-server

Mattermost crashes web clients via a malformed custom status in...

CVE-2023-28525

IBM Engineering Requirements Management 9.7.2.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: .....

MantisBT Web Detection

Mantis Bug Tracker (MantisBT), an open source issue tracker was detected on the remote host. Note: enabling thorough tests improves the likelihood that instances of MantisBT are detected at the cost of increasing the scan's duration and generated network...

CVE-2022-29110

Microsoft Excel Remote Code Execution...

CVE-2023-23396

Microsoft Excel Denial of Service...

(RHSA-2024:3560) Important: Red Hat JBoss Enterprise Application Platform 7.4.17 Security update

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.16, and includes bug...

(RHSA-2024:3559) Important: Red Hat JBoss Enterprise Application Platform 7.4.17 Security update

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.16, and includes bug...

Syncovery For Linux Web-GUI Session Token Brute-Forcer

This module attempts to brute-force a valid session token for the Syncovery File Sync & Backup Software Web-GUI by generating all possible tokens, for every second between 'DateTime.now' and the given X day(s). By default today and yesterday (DAYS = 1) will be checked. If a valid session token is.....

CVE-2021-46888

An issue was discovered in hledger before 1.23. A Stored Cross-Site Scripting (XSS) vulnerability exists in toBloodhoundJson that allows an attacker to execute JavaScript by encoding user-controlled values in a payload with base64 and parsing them with the atob...

Improper Neutralization of Input During Web Page Generation in Jsoup

Cross-site scripting (XSS) vulnerability in jsoup before...

Citrix Web Interface XSS

The remote server is running a Citrix Web Interface server that is vulnerable to cross site...

Outlook Web anonymous access

It is possible to browse the information of the OWA server by accessing as an anonymous...

Information Disclosure

reportico-web/reportico is vulnerable to Information Disclosure. The vulnerability is due to improper handling of user input within the execute_mode parameter of the URL, which allows attackers obtain sensitive...

Malicious code in agencyportal-web (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (3f01ab5c8d151da175f79cd0379f0f4d714ddceb4075503d821ee2f05515d1cb) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2018-20436

The "secret chat" feature in Telegram 4.9.1 for Android has a "side channel" in which Telegram servers send GET requests for URLs typed while composing a chat message, before that chat message is sent. There are also GET requests to other URLs on the same web server. This also affects one or more.....

CVE-2012-2212

McAfee Web Gateway 7.0 allows remote attackers to bypass the access configuration for the CONNECT method by providing an arbitrary allowed hostname in the Host HTTP header. NOTE: this issue might not be reproducible, because the researcher did not provide configuration details for the vulnerable...

Reportico affected by Incorrect Access Control

An issue discovered in Reportico Till 8.1.0 allows attackers to obtain sensitive information via execute_mode parameter of the...

Web Server Directory Enumeration

This plugin attempts to determine the presence of various common directories on the remote web server. By sending a request for a directory, the web server response code indicates if it is a valid directory or...

CVE-2023-7215

A vulnerability, which was classified as problematic, has been found in Chanzhaoyu chatgpt-web 2.11.1. This issue affects some unknown processing. The manipulation of the argument Description with the input leads to cross site scripting. The attack may be initiated remotely. The exploit has been...

CVE-2021-41554

ARCHIBUS Web Central 21.3.3.815 (a version from 2014) does not properly validate requests for access to data and functionality in these affected endpoints: /archibus/schema/ab-edit-users.axvw, /archibus/schema/ab-data-dictionary-table.axvw, /archibus/schema/ab-schema-add-field.axvw,...

CVE-2021-41555

In ARCHIBUS Web Central 21.3.3.815 (a version from 2014), XSS occurs in /archibus/dwr/call/plaincall/workflow.runWorkflowRule.dwr because the data received as input from clients is re-included within the HTTP response returned by the application without adequate validation. In this way, if HTML...

Web mirroring

This plugin makes a mirror of the remote website(s) and extracts the list of CGIs that are used by the remote host. It is suggested that you change the number of pages to mirror in the 'Options' section of the...

CVE-2015-10072

A vulnerability classified as problematic was found in NREL api-umbrella-web 0.7.1. This vulnerability affects unknown code of the component Flash Message Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 0.8.0 is able to address...

Cisco IOS XE Software Web UI Command Injection (cisco-sa-web-cmdinj2-fOnjk2LD)

According to its self-reported version, the IOS XE is affected by command injection vulnerability. A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with administrative privileges on the underlying...

SolarWinds Web Help Desk - Web Detection

The web interface for SolarWinds Web Help Desk was detected on the remote...

CVE-2020-1583

An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could craft a special...

CVE-2020-1503

An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could craft a special...

CVE-2024-23745

In Notion Web Clipper 1.0.3(7), a .nib file is susceptible to the Dirty NIB attack. NIB files can be manipulated to execute arbitrary commands. Additionally, even if a NIB file is modified within an application, Gatekeeper may still permit the execution of the application, enabling the execution...

CVE-2021-41553

In ARCHIBUS Web Central 21.3.3.815 (a version from 2014), the Web Application in /archibus/login.axvw assign a session token that could be already in use by another user. It was therefore possible to access the application through a user whose credentials were not known, without any attempt by the....

Malicious code in brand-adidas-design-tokens (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (7e16fae72fd3726263d7bfa2f1c164b7d4100f89931856c163e37c534feb1a57) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Web Application Firewall Detected

A Web Application Firewall (WAF) has been detected during the scan. A WAF is designed to help protecting web applications by monitoring and filtering HTTP(S) traffic through a set of rules in order to prevent the most common attacks. . The identified WAF may have blocked several requests during...

CVE-2023-3305

A vulnerability was found in C-DATA Web Management System up to 20230607. It has been classified as critical. This affects an unknown part of the file /cgi-bin/jumpto.php?class=user&page=config_save&isphp=1 of the component User Creation Handler. The manipulation of the argument user/newpassword...

Microsoft Exchange Outlook Web App / Outlook Web Access (OWA) Detection (HTTP)

HTTP based detection of the Microsoft Exchange Outlook Web App / Outlook Web Access (OWA) and the Microsoft Exchange Server running this OWA...

(RHSA-2024:3561) Important: Red Hat JBoss Enterprise Application Platform 7.4.17 Security update

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.16, and includes bug...

CVE-2020-11453

Microstrategy Web 10.4 is vulnerable to Server-Side Request Forgery in the Test Web Service functionality exposed through the path /MicroStrategyWS/. The functionality requires no authentication and, while it is not possible to pass parameters in the SSRF request, it is still possible to exploit...

CVE-2022-4607

A vulnerability was found in 3D City Database OGC Web Feature Service up to 5.2.0. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to xml external entity reference. Upgrading to version 5.2.1 is able to address this issue. The name of the patch.....

CVE-2010-5159

Race condition in Dr.Web Security Space Pro 6.0.0.03100 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during...

CVE-2019-1201

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. The file could...