#ExploitObserverAlert
CVE-2001-1228
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2001-1228. Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server.
FIRST-EPSS: 0.014510000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-2001-1228
DESCRIPTION: Exploit Observer has 6 entries related to CVE-2001-1228. Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server.
FIRST-EPSS: 0.014510000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2020-13700
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2020-13700. An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress. It allows an insecure direct object reference via permalinks manipulation, as demonstrated by a wp-json/acf/v3/options/ request that reads sensitive information in the wp_options table, such as the login and pass values.
FIRST-EPSS: 0.018310000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2020-13700
DESCRIPTION: Exploit Observer has 8 entries related to CVE-2020-13700. An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress. It allows an insecure direct object reference via permalinks manipulation, as demonstrated by a wp-json/acf/v3/options/ request that reads sensitive information in the wp_options table, such as the login and pass values.
FIRST-EPSS: 0.018310000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2002-1131
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2002-1131. Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allows remote attackers to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php.
FIRST-EPSS: 0.060180000
NVD-IS: 6.4
NVD-ES: 10.0
CVE-2002-1131
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2002-1131. Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allows remote attackers to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php.
FIRST-EPSS: 0.060180000
NVD-IS: 6.4
NVD-ES: 10.0
#ExploitObserverAlert
CVE-2023-1255
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2023-1255. Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM platform contains a bug that could cause it to read past the input buffer, leading to a crash. Impact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM platform can crash in rare circumstances. The AES-XTS algorithm is usually used for disk encryption. The AES-XTS cipher decryption implementation for 64 bit ARM platform will read past the end of the ciphertext buffer if the ciphertext size is 4 mod 5 in 16 byte blocks, e.g. 144 bytes or 1024 bytes. If the memory after the ciphertext buffer is unmapped, this will trigger a crash which results in a denial of service. If an attacker can control the size and location of the ciphertext buffer being decrypted by an application using AES-XTS on 64 bit ARM, the application is affected. This is fairly unlikely making this issue a Low severity one.
FIRST-EPSS: 0.000660000
NVD-IS: 3.6
NVD-ES: 2.2
CVE-2023-1255
DESCRIPTION: Exploit Observer has 5 entries related to CVE-2023-1255. Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM platform contains a bug that could cause it to read past the input buffer, leading to a crash. Impact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM platform can crash in rare circumstances. The AES-XTS algorithm is usually used for disk encryption. The AES-XTS cipher decryption implementation for 64 bit ARM platform will read past the end of the ciphertext buffer if the ciphertext size is 4 mod 5 in 16 byte blocks, e.g. 144 bytes or 1024 bytes. If the memory after the ciphertext buffer is unmapped, this will trigger a crash which results in a denial of service. If an attacker can control the size and location of the ciphertext buffer being decrypted by an application using AES-XTS on 64 bit ARM, the application is affected. This is fairly unlikely making this issue a Low severity one.
FIRST-EPSS: 0.000660000
NVD-IS: 3.6
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2020-0764
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-0764. An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations, aka 'Windows Storage Services Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.000430000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2020-0764
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-0764. An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations, aka 'Windows Storage Services Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.000430000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2015-10127
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2015-10127. A vulnerability was found in PlusCaptcha Plugin up to 2.0.6 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 2.0.14 is able to address this issue. The patch is identified as 1274afc635170daafd38306487b6bb8a01f78ecd. It is recommended to upgrade the affected component. VDB-248954 is the identifier assigned to this vulnerability.
CVE-2015-10127
DESCRIPTION: Exploit Observer has 3 entries related to CVE-2015-10127. A vulnerability was found in PlusCaptcha Plugin up to 2.0.6 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 2.0.14 is able to address this issue. The patch is identified as 1274afc635170daafd38306487b6bb8a01f78ecd. It is recommended to upgrade the affected component. VDB-248954 is the identifier assigned to this vulnerability.
#ExploitObserverAlert
CVE-2023-40121
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-40121. In appendEscapedSQLString of DatabaseUtils.java, there is a possible SQL injection due to unsafe deserialization. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.
FIRST-EPSS: 0.000420000
NVD-IS: 3.6
NVD-ES: 1.8
CVE-2023-40121
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-40121. In appendEscapedSQLString of DatabaseUtils.java, there is a possible SQL injection due to unsafe deserialization. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.
FIRST-EPSS: 0.000420000
NVD-IS: 3.6
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-46699
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-46699. Cross-site request forgery (CSRF) vulnerability exists in the User settings (/me) page of GROWI versions prior to v6.0.0. If a user views a malicious page while logging in, settings may be changed without the user's intention.
CVE-2023-46699
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-46699. Cross-site request forgery (CSRF) vulnerability exists in the User settings (/me) page of GROWI versions prior to v6.0.0. If a user views a malicious page while logging in, settings may be changed without the user's intention.
#ExploitObserverAlert
CVE-2023-50294
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-50294. The App Settings (/admin/app) page in GROWI versions prior to v6.0.6 stores sensitive information in cleartext form. As a result, the Secret access key for external service may be obtained by an attacker who can access the App Settings page.
CVE-2023-50294
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-50294. The App Settings (/admin/app) page in GROWI versions prior to v6.0.6 stores sensitive information in cleartext form. As a result, the Secret access key for external service may be obtained by an attacker who can access the App Settings page.
#ExploitObserverAlert
CVE-2015-2794
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2015-2794. The installation wizard in DotNetNuke (DNN) before 7.4.1 allows remote attackers to reinstall the application and gain SuperUser access via a direct request to Install/InstallWizard.aspx.
FIRST-EPSS: 0.971100000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2015-2794
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2015-2794. The installation wizard in DotNetNuke (DNN) before 7.4.1 allows remote attackers to reinstall the application and gain SuperUser access via a direct request to Install/InstallWizard.aspx.
FIRST-EPSS: 0.971100000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
PD/http/cves/2023/CVE-2023-46574
DESCRIPTION: Exploit Observer has 2 entries related to PD/http/cves/2023/CVE-2023-46574. An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function.
PD/http/cves/2023/CVE-2023-46574
DESCRIPTION: Exploit Observer has 2 entries related to PD/http/cves/2023/CVE-2023-46574. An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function.
#ExploitObserverAlert
CVE-2023-21266
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-21266. In killBackgroundProcesses of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2023-21266
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-21266. In killBackgroundProcesses of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
FIRST-EPSS: 0.000420000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-41892
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2023-41892. Craft CMS is a platform for creating digital experiences. This is a high-impact, low-complexity attack vector. Users running Craft installations before 4.4.15 are encouraged to update to at least that version to mitigate the issue. This issue has been fixed in Craft CMS 4.4.15.
FIRST-EPSS: 0.206280000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-41892
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2023-41892. Craft CMS is a platform for creating digital experiences. This is a high-impact, low-complexity attack vector. Users running Craft installations before 4.4.15 are encouraged to update to at least that version to mitigate the issue. This issue has been fixed in Craft CMS 4.4.15.
FIRST-EPSS: 0.206280000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-41761
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-41761. An issue was discovered in NOKIA NFM-T R19.9. An Absolute Path Traversal vulnerability exists under /cgi-bin/R19.9/viewlog.pl of the VM Manager WebUI via the logfile parameter, allowing a remote authenticated attacker to read arbitrary files.
CVE-2022-41761
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-41761. An issue was discovered in NOKIA NFM-T R19.9. An Absolute Path Traversal vulnerability exists under /cgi-bin/R19.9/viewlog.pl of the VM Manager WebUI via the logfile parameter, allowing a remote authenticated attacker to read arbitrary files.
#ExploitObserverAlert
CVE-2020-36769
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-36769. The Widget Settings Importer/Exporter Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the wp_ajax_import_widget_dataparameter AJAX action in versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with subscriber-level permissions and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
CVE-2020-36769
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-36769. The Widget Settings Importer/Exporter Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the wp_ajax_import_widget_dataparameter AJAX action in versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with subscriber-level permissions and above to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
#ExploitObserverAlert
CVE-2023-26255
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2023-26255. An unauthenticated path traversal vulnerability affects the "STAGIL Navigation for Jira - Menu
CVE-2023-26255
DESCRIPTION: Exploit Observer has 7 entries related to CVE-2023-26255. An unauthenticated path traversal vulnerability affects the "STAGIL Navigation for Jira - Menu
#ExploitObserverAlert
CVE-2020-0638
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2020-0638. An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Update Notification Manager Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.000690000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2020-0638
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2020-0638. An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Update Notification Manager Elevation of Privilege Vulnerability'.
FIRST-EPSS: 0.000690000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-48309
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-48309. NextAuth.js provides authentication for Next.js. `next-auth` applications prior to version 4.24.5 that rely on the default Middleware authorization are affected by a vulnerability. A bad actor could create an empty/mock user, by getting hold of a NextAuth.js-issued JWT from an interrupted OAuth sign-in flow (state, PKCE or nonce). Manually overriding the `next-auth.session-token` cookie value with this non-related JWT would let the user simulate a logged in user, albeit having no user information associated with it. (The only property on this user is an opaque randomly generated string). This vulnerability does not give access to other users' data, neither to resources that require proper authorization via scopes or other means. The created mock user has no information associated with it (ie. no name, email, access_token, etc.) This vulnerability can be exploited by bad actors to peek at logged in user states (e.g. dashboard layout). `next-auth` `v4.24.5` contains a patch for the vulnerability. As a workaround, using a custom authorization callback for Middleware, developers can manually do a basic authentication.
FIRST-EPSS: 0.000630000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2023-48309
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-48309. NextAuth.js provides authentication for Next.js. `next-auth` applications prior to version 4.24.5 that rely on the default Middleware authorization are affected by a vulnerability. A bad actor could create an empty/mock user, by getting hold of a NextAuth.js-issued JWT from an interrupted OAuth sign-in flow (state, PKCE or nonce). Manually overriding the `next-auth.session-token` cookie value with this non-related JWT would let the user simulate a logged in user, albeit having no user information associated with it. (The only property on this user is an opaque randomly generated string). This vulnerability does not give access to other users' data, neither to resources that require proper authorization via scopes or other means. The created mock user has no information associated with it (ie. no name, email, access_token, etc.) This vulnerability can be exploited by bad actors to peek at logged in user states (e.g. dashboard layout). `next-auth` `v4.24.5` contains a patch for the vulnerability. As a workaround, using a custom authorization callback for Middleware, developers can manually do a basic authentication.
FIRST-EPSS: 0.000630000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2022-43675
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-43675. An issue was discovered in NOKIA NFM-T R19.9. Reflected XSS in the Network Element Manager exists via /oms1350/pages/otn/cpbLogDisplay via the filename parameter, under /oms1350/pages/otn/connection/E2ERoutingDisplayWithOverLay via the id parameter, and under /oms1350/pages/otn/mainOtn via all parameters.
CVE-2022-43675
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-43675. An issue was discovered in NOKIA NFM-T R19.9. Reflected XSS in the Network Element Manager exists via /oms1350/pages/otn/cpbLogDisplay via the filename parameter, under /oms1350/pages/otn/connection/E2ERoutingDisplayWithOverLay via the id parameter, and under /oms1350/pages/otn/mainOtn via all parameters.
#ExploitObserverAlert
CVE-2023-50339
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-50339. Stored cross-site scripting vulnerability exists in the User Management (/admin/users) page of GROWI versions prior to v6.1.11. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product.
CVE-2023-50339
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-50339. Stored cross-site scripting vulnerability exists in the User Management (/admin/users) page of GROWI versions prior to v6.1.11. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the site using the product.
#ExploitObserverAlert
CVE-2023-50332
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-50332. Improper authorization vulnerability exists in the User Management (/admin/users) page of GROWI versions prior to v6.0.6. If this vulnerability is exploited, a user may delete or suspend its own account without the user's intention.
CVE-2023-50332
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-50332. Improper authorization vulnerability exists in the User Management (/admin/users) page of GROWI versions prior to v6.0.6. If this vulnerability is exploited, a user may delete or suspend its own account without the user's intention.