CAGE Web Design | Rolf Van Gelder Security Vulnerabilities

nessus

Honeywell FALCON XL Web Controller Multiple Vulnerabilities

The remote host is a Honeywell FALCON XL Web SCADA controller that is running a firmware version affected by the following vulnerabilities : The change password page can be accessed without authentication to determine users' password hashes, which can allow a remote attacker to gain...

2.8AI Score

0.003EPSS

2014-08-25 12:00 AM
9
osv

CVE-2022-23470

Galaxy is an open-source platform for data analysis. An arbitrary file read exists in Galaxy 22.01 and Galaxy 22.05 due to the switch to Gunicorn, which can be used to read any file accessible to the operating system user under which Galaxy is running. This vulnerability affects Galaxy 22.01 and...

8.6CVSS

6.9AI Score

0.001EPSS

2022-12-06 06:15 PM
9
nessus

QNAP QTS/QES/QuTS hero - Web Detection

Detects the web interface for QNAP QTS/QES/QuTS hero on the remote...

0.8AI Score

2021-11-29 12:00 AM
24
nessus

D-Link DIR Router Web Interface Detection

Nessus was able to detect the web interface for a D-Link DIR router on the remote...

1.3AI Score

2017-09-11 12:00 AM
10
nessus

Emerson SM-Ethernet Web Interface Default Credentials

It was possible to log into the remote Emerson SM-Ethernet web interface by providing the default credentials. A remote attacker can exploit this to gain administrative...

4.3AI Score

2015-12-01 12:00 AM
8
nessus

Honeywell XL Web Controller FTP Directory Traversal

The remote host is a Honeywell XL Web SCADA controller that is running a firmware version affected by a directory traversal vulnerability in the FTP server. A remote, unauthenticated attacker can exploit this to gain access to the web root...

2.2AI Score

2015-03-26 12:00 AM
17
nessus

Tridium Niagara AX Web Server Multiple Vulnerabilities

The remote host is running a version of Tridium Niagara AX Web Server that is affected by multiple vulnerabilities : A directory traversal vulnerability exists that allows access to a file that stores login usernames and passwords. (CVE-2012-4027) The system insecurely stores user...

2AI Score

0.003EPSS

2013-07-03 12:00 AM
33
github

Plone allows anonymous users to reset any users password through the web via Password Reset Tool

Unspecified vulnerability in the Password Reset Tool before 0.4.1 on Plone 2.5 and 2.5.1 Release Candidate allows attackers to reset the passwords of other users, related to "an erroneous security...

7.2AI Score

0.002EPSS

2022-05-01 07:16 AM
3
cvelist

CVE-2024-35710 WordPress Podlove Web Player plugin <= 5.7.3 - Sensitive Data Exposure vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Podlove Podlove Web Player. This issue affects Podlove Web Player: from n/a through...

5.3CVSS

0.0004EPSS

2024-06-08 02:01 PM
2
nuclei

Lin CMS Spring Boot - Default JWT Token

An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers to access the backend information and functions within the...

7.5CVSS

7.4AI Score

0.016EPSS

2024-04-03 05:08 AM
7
akamaiblog

7.3AI Score

2024-05-22 01:00 PM
47
vulnrichment

CVE-2024-35710 WordPress Podlove Web Player plugin <= 5.7.3 - Sensitive Data Exposure vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Podlove Podlove Web Player. This issue affects Podlove Web Player: from n/a through...

5.3CVSS

6.9AI Score

0.0004EPSS

2024-06-08 02:01 PM
nuclei

GetSimple CMS 3.3.13 - Open Redirect

GetSimple CMS 3.3.13 contains an open redirect vulnerability via the admin/index.php redirect parameter. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized...

6.1CVSS

6.3AI Score

0.001EPSS

2022-03-13 08:58 AM
4
cve

CVE-2023-51418

Missing Authorization vulnerability in Joris van Montfort JVM rich text icons. This issue affects JVM rich text icons: from n/a through...

7.7CVSS

7.5AI Score

0.0004EPSS

2024-04-17 11:15 AM
32
nessus

RHEL 8 / 9 : Red Hat JBoss Web Server 6.0.2 (RHSA-2024:1916)

The remote Red Hat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1916 advisory. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the...

7.8AI Score

0.0004EPSS

2024-05-07 12:00 AM
8
ubuntucve

CVE-2024-35325

A vulnerability was found in libyaml up to 0.2.5. Affected by this issue is the function yaml_event_delete of the file /src/libyaml/src/api.c. The manipulation leads to a double-free. Bugs https://github.com/yaml/libyaml/issues/297 Notes Author| Note ---|--- jdstrand | golang-goyaml is a go...

6.6AI Score

0.0004EPSS

2024-06-13 12:00 AM
2
cvelist

CVE-2023-42121 Control Web Panel Missing Authentication Remote Code Execution Vulnerability

Control Web Panel Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Control Web Panel. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

9.8CVSS

10AI Score

0.001EPSS

2024-05-03 02:13 AM
vulnrichment

CVE-2023-42121 Control Web Panel Missing Authentication Remote Code Execution Vulnerability

Control Web Panel Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Control Web Panel. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

9.8CVSS

8.1AI Score

0.001EPSS

2024-05-03 02:13 AM
2
nessus

Web Cache Poisoning Denial of Service

A caching system has been detected on the application and is vulnerable to web cache poisoning. By manipulating specific unkeyed inputs (headers or cookies that are not included when generating the cache key) it was possible to force the caching system to cache a response that contains...

6.9AI Score

2023-08-30 12:00 AM
12
cvelist

CVE-2024-4174 Cross-Site Scripting (XSS) vulnerability in Hyperion Web Server

Cross-Site Scripting (XSS) vulnerability in Hyperion Web Server affecting version 2.0.15. This vulnerability could allow an attacker to execute malicious JavaScript code on the client by injecting that code into the...

5.4CVSS

5.5AI Score

0.0004EPSS

2024-04-25 11:44 AM
qualysblog

Essential Strategies to Secure Your Web Applications and APIs in a Modern Application Development World

In today’s interconnected digital world, the role of web applications and APIs has become central to business operations, acting as gateways to vast amounts of valuable data and services. However, their widespread use and accessibility make them prime targets for cybercriminals, posing substantial...

7.7AI Score

2024-06-24 05:13 PM
5
cvelist

CVE-2023-51418 WordPress JVM rich text icons plugin <= 1.2.6 - Arbitrary File Deletion vulnerability

Missing Authorization vulnerability in Joris van Montfort JVM rich text icons. This issue affects JVM rich text icons: from n/a through...

7.7CVSS

7.8AI Score

0.0004EPSS

2024-04-17 10:50 AM
nessus

RHEL 8 / 9 : Red Hat JBoss Web Server 6.0.1 (RHSA-2024:1324)

The remote Red Hat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1324 advisory. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of...

7.5CVSS

8.2AI Score

0.005EPSS

2024-03-18 12:00 AM
8
veracode

Remote Code Execution (RCE)

mocodo is vulnerable to Remote Code Execution. The vulnerability is due to improper input validation at /web/rewrite.php, which allows an attacker to inject and execute arbitrary...

7.7AI Score

2024-05-28 07:08 AM
3
nessus

Autodesk Design Review Installed

Autodesk Design Review, a review software for Autodesk designs, is installed on the remote Windows...

3.3AI Score

2015-02-12 12:00 AM
6
cvelist

CVE-2024-3095 SSRF in Langchain Web Research Retriever in langchain-ai/langchain

A Server-Side Request Forgery (SSRF) vulnerability exists in the Web Research Retriever component of langchain-ai/langchain version 0.1.5. The vulnerability arises because the Web Research Retriever does not restrict requests to remote internet addresses, allowing it to reach local addresses. This...

4.8CVSS

0.0004EPSS

2024-06-06 06:28 PM
1
vulnrichment

CVE-2024-3095 SSRF in Langchain Web Research Retriever in langchain-ai/langchain

A Server-Side Request Forgery (SSRF) vulnerability exists in the Web Research Retriever component of langchain-ai/langchain version 0.1.5. The vulnerability arises because the Web Research Retriever does not restrict requests to remote internet addresses, allowing it to reach local addresses. This...

4.8CVSS

7.5AI Score

0.0004EPSS

2024-06-06 06:28 PM
osv

Moodle Privilege escalation in quiz web services

In Moodle 3.x, quiz web services allow students to see quiz results when it is prohibited in the...

4.3CVSS

7.1AI Score

0.001EPSS

2022-05-14 03:46 AM
4
github

Moodle Privilege escalation in quiz web services

In Moodle 3.x, quiz web services allow students to see quiz results when it is prohibited in the...

4.3CVSS

6.6AI Score

0.001EPSS

2022-05-14 03:46 AM
3
vulnrichment

CVE-2023-5935 Missing authentication for local web interface in Arc before v1.6.0

When configuring Arc (e.g. during the first setup), a local web interface is provided to ease the configuration process. Such web interface lacks authentication and may thus be abused by a local attacker or malware running on the machine itself. A malicious local user or process, during a window...

7.4CVSS

7.4AI Score

0.0004EPSS

2024-05-15 04:02 PM
vulnrichment

CVE-2024-4651 Campcodes Complete Web-Based School Management System student_attendance_history1.php cross site scripting

A vulnerability, which was classified as problematic, has been found in Campcodes Complete Web-Based School Management System 1.0. This issue affects some unknown processing of the file /view/student_attendance_history1.php. The manipulation of the argument year leads to cross site scripting. The...

3.5CVSS

6.2AI Score

0.0004EPSS

2024-05-08 02:00 PM
1
cvelist

CVE-2024-4651 Campcodes Complete Web-Based School Management System student_attendance_history1.php cross site scripting

A vulnerability, which was classified as problematic, has been found in Campcodes Complete Web-Based School Management System 1.0. This issue affects some unknown processing of the file /view/student_attendance_history1.php. The manipulation of the argument year leads to cross site scripting. The...

3.5CVSS

4.1AI Score

0.0004EPSS

2024-05-08 02:00 PM
osv

CVE-2022-32176

In "Gin-Vue-Admin", versions v2.5.1 through v2.5.3b are vulnerable to Unrestricted File Upload that leads to execution of javascript code, through the "Compress Upload" functionality to the Media Library. When an admin user views the uploaded file, a low privilege attacker will get access to the...

9CVSS

7AI Score

0.001EPSS

2022-10-17 07:15 PM
3
githubexploit

Exploit for Improper Authorization in Samsung Members

CVE-2021-25374 - Samsung Account Access Script This script...

8.6CVSS

6.9AI Score

0.002EPSS

2021-04-10 09:23 AM
1
veracode

Sensitive Information Disclosure

github.com/minio/minio/ is vulnerable to Sensitive Information Disclosure. The vulnerability is due to the ability to infer the existence of objects on a server by sending anonymous requests with random object...

5.3CVSS

6.7AI Score

0.0004EPSS

2024-05-30 12:03 PM
1
veracode

SQL Injection

mocodo is vulnerable to SQL Injection. The vulnerability is due to improper sanitization of the sql_case input field in /web/generate.php, allowing remote attackers to execute arbitrary SQL commands and potentially command injection, leading to remote code execution (RCE) under certain...

8.5AI Score

2024-05-28 07:50 AM
4
github

Mattermost crashes web clients via a malformed custom status

Mattermost versions 9.6.0, 9.5.x before 9.5.3, 9.4.x before 9.4.5, and 8.1.x before 8.1.12 fail to handle JSON parsing errors in custom status values, which allows an authenticated attacker to crash other users' web clients via a malformed custom...

4.3CVSS

6.6AI Score

0.0004EPSS

2024-04-26 09:30 AM
8
openbugbounty

design-smart-home.de Cross Site Scripting vulnerability OBB-3915790

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2AI Score

2024-04-11 11:32 AM
6
cvelist

CVE-2023-5935 Missing authentication for local web interface in Arc before v1.6.0

When configuring Arc (e.g. during the first setup), a local web interface is provided to ease the configuration process. Such web interface lacks authentication and may thus be abused by a local attacker or malware running on the machine itself. A malicious local user or process, during a window...

7.4CVSS

7.9AI Score

0.0004EPSS

2024-05-15 04:02 PM
1
osv

CVE-2022-32177

In "Gin-Vue-Admin", versions v2.5.1 through v2.5.3beta are vulnerable to Unrestricted File Upload that leads to execution of javascript code, through the 'Normal Upload' functionality to the Media Library. When an admin user views the uploaded file, a low privilege attacker will get access to the...

9CVSS

7AI Score

0.001EPSS

2022-10-14 07:15 AM
5
oraclelinux

bind, bind-dyndb-ldap, and dhcp security update

bind [32:9.11.4-26.P2.16] - Prevent increased CPU consumption in DNSSEC validator (CVE-2023-50387 CVE-2023-50868) - Add missing design by contract tests to dns_catz* - Speed up parsing of DNS messages with many different names (CVE-2023-4408) - Do not use header_prev in expire_lru_headers...

7.5CVSS

7AI Score

0.05EPSS

2024-06-10 12:00 AM
1
nessus

RHEL 6 / 7 : Red Hat JBoss Web Server 5.0 Service Pack 2 (RHSA-2019:0451)

An update is now available for Red Hat JBoss Web Server 5.0 for RHEL 6 and Red Hat JBoss Web Server 5.0 for RHEL 7. Red Hat Product Security has rated this release as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...

9.8CVSS

9.2AI Score

0.067EPSS

2019-03-05 12:00 AM
22
veracode

Cross Site Scripting (XSS)

summernote is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to insufficient input validation and sanitization of user-provided content, allowing malicious scripts to be executed within the context of the application when viewed in code...

6.2AI Score

0.0004EPSS

2024-06-13 05:30 AM
1
nessus

VMware Carbon Black App Control Web Console Detection

The web console for VMware Carbon Black App Control, formerly known as Cb Protection and Bit9 Parity, was detected on the remote...

1.8AI Score

2021-06-29 12:00 AM
11
nessus

MicroLogix 1400 PLC Web Server Request Handling RCE

The firmware installed on the remote Allen-Bradley MicroLogix 1400 PLC device is a version prior to 15.004. It is, therefore, affected by a stack-based buffer overflow condition due to improper validation of user-supplied input when handling web requests. An unauthenticated, remote attacker can...

4.5AI Score

2016-05-31 12:00 AM
18
nessus

HP Intelligent Management Center Web Administration Interface Detection

The web administration interface for HP Intelligent Management Center (IMC) was detected on the remote host. HP IMC is a comprehensive wired and wireless network management tool supporting the FCAPS...

1.1AI Score

2013-12-10 12:00 AM
6
nessus

Apache ActiveMQ 5.x < 5.14.0 ActiveMQ Fileserver web application remote code execution (Xbash)

The version of Apache ActiveMQ running on the remote host is 5.x prior to 5.14.0. It is, therefore, affected by a remote code execution vulnerability. The Fileserver web application allows remote attackers to upload and execute arbitrary...

9.8CVSS

9.3AI Score

0.84EPSS

2018-09-19 12:00 AM
80
cve

CVE-2024-2229

CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code execution when a malicious project file is loaded into the application by a valid...

7.8CVSS

7.5AI Score

0.001EPSS

2024-03-18 04:15 PM
41
cvelist

CVE-2024-5235 Campcodes Complete Web-Based School Management System teacher_salary_invoice.php sql injection

A vulnerability classified as critical has been found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/teacher_salary_invoice.php. The manipulation of the argument teacher_id leads to sql injection. It is possible to launch the attack...

6.3CVSS

6.8AI Score

0.0004EPSS

2024-05-23 05:00 AM
Total number of security vulnerabilities: 507845