#ExploitObserverAlert
CVE-2024-1647
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1647. Pyhtml2pdf version 0.0.6 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the HTML content entered by the user.
FIRST-EPSS: 0.000870000
NVD-IS: 3.6
NVD-ES: 3.9
CVE-2024-1647
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-1647. Pyhtml2pdf version 0.0.6 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the HTML content entered by the user.
FIRST-EPSS: 0.000870000
NVD-IS: 3.6
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2024-25974
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25974. The Frentix GmbH OpenOlat LMS is affected by stored a Cross-Site Scripting (XSS) vulnerability. It is possible to upload files within the Media Center of OpenOlat version 18.1.5 (or lower) as an authenticated user without any other rights. Although the filetypes are limited, an SVG image containing an XSS payload can be uploaded. After a successful upload the file can be shared with groups of users (including admins) who can be attacked with the JavaScript payload.
CVE-2024-25974
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25974. The Frentix GmbH OpenOlat LMS is affected by stored a Cross-Site Scripting (XSS) vulnerability. It is possible to upload files within the Media Center of OpenOlat version 18.1.5 (or lower) as an authenticated user without any other rights. Although the filetypes are limited, an SVG image containing an XSS payload can be uploaded. After a successful upload the file can be shared with groups of users (including admins) who can be attacked with the JavaScript payload.
#ExploitObserverAlert
CVE-2023-51770
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-51770. Arbitrary File Read Vulnerability in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.1. We recommend users to upgrade Apache DolphinScheduler to version 3.2.1, which fixes the issue.
CVE-2023-51770
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-51770. Arbitrary File Read Vulnerability in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.1. We recommend users to upgrade Apache DolphinScheduler to version 3.2.1, which fixes the issue.
#ExploitObserverAlert
PD/javascript/misconfiguration/smb/smb-anonymous-access
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PD/javascript/misconfiguration/smb/smb-anonymous-access. Detects anonymous access to SMB shares on a remote server.
PD/javascript/misconfiguration/smb/smb-anonymous-access
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PD/javascript/misconfiguration/smb/smb-anonymous-access. Detects anonymous access to SMB shares on a remote server.
#ExploitObserverAlert
CVE-2024-25606
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25606. XXE vulnerability in Liferay Portal 7.2.0 through 7.4.3.7, and older unsupported versions, and Liferay DXP 7.4 before update 4, 7.3 before update 12, 7.2 before fix pack 20, and older unsupported versions allows attackers with permission to deploy widgets/portlets/extensions to obtain sensitive information or consume system resources via the Java2WsddTask._format method.
CVE-2024-25606
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25606. XXE vulnerability in Liferay Portal 7.2.0 through 7.4.3.7, and older unsupported versions, and Liferay DXP 7.4 before update 4, 7.3 before update 12, 7.2 before fix pack 20, and older unsupported versions allows attackers with permission to deploy widgets/portlets/extensions to obtain sensitive information or consume system resources via the Java2WsddTask._format method.
#ExploitObserverAlert
CVE-2024-25605
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25605. The Journal module in Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and Liferay DXP 7.4.13, 7.3 before service pack 3, 7.2 before fix pack 17, and older unsupported versions grants guest users view permission to web content templates by default, which allows remote attackers to view any template via the UI or API.
CVE-2024-25605
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25605. The Journal module in Liferay Portal 7.2.0 through 7.4.3.4, and older unsupported versions, and Liferay DXP 7.4.13, 7.3 before service pack 3, 7.2 before fix pack 17, and older unsupported versions grants guest users view permission to web content templates by default, which allows remote attackers to view any template via the UI or API.
#ExploitObserverAlert
GHSA-3w4h-r27h-4r2w
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to GHSA-3w4h-r27h-4r2w. TYPO3 Image Processing susceptible to Code Execution
GHSA-3w4h-r27h-4r2w
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to GHSA-3w4h-r27h-4r2w. TYPO3 Image Processing susceptible to Code Execution
#ExploitObserverAlert
TALOS-2023-1843
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to TALOS-2023-1843. Contact Cisco Talos Incident Response.
TALOS-2023-1843
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to TALOS-2023-1843. Contact Cisco Talos Incident Response.
#ExploitObserverAlert
PD/javascript/misconfiguration/ssh/ssh-cbc-mode-ciphers
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PD/javascript/misconfiguration/ssh/ssh-cbc-mode-ciphers. "SSH Server CBC Mode Ciphers Enabled" signifies that the SSH server supports Cipher Block Chaining (CBC) mode ciphers, which are known for potential vulnerabilities. This configuration poses a security risk, and it's recommended to disable CBC ciphers in favor of more secure alternatives for enhanced protection during data transmission.
PD/javascript/misconfiguration/ssh/ssh-cbc-mode-ciphers
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PD/javascript/misconfiguration/ssh/ssh-cbc-mode-ciphers. "SSH Server CBC Mode Ciphers Enabled" signifies that the SSH server supports Cipher Block Chaining (CBC) mode ciphers, which are known for potential vulnerabilities. This configuration poses a security risk, and it's recommended to disable CBC ciphers in favor of more secure alternatives for enhanced protection during data transmission.
#ExploitObserverAlert
CVE-2023-49109
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-49109. Exposure of Remote Code Execution in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.1. We recommend users to upgrade Apache DolphinScheduler to version 3.2.1, which fixes the issue.
CVE-2023-49109
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-49109. Exposure of Remote Code Execution in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.1. We recommend users to upgrade Apache DolphinScheduler to version 3.2.1, which fixes the issue.
#ExploitObserverAlert
CVE-2024-25608
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25608. HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.18, and older unsupported versions, and Liferay DXP 7.4 before update 19, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions can be circumvented by using the 'REPLACEMENT CHARACTER' (U+FFFD), which allows remote attackers to redirect users to arbitrary external URLs via the (1) 'redirect` parameter (2) `FORWARD_URL` parameter, (3) `noSuchEntryRedirect` parameter, and (4) others parameters that rely on HtmlUtil.escapeRedirect.
CVE-2024-25608
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25608. HtmlUtil.escapeRedirect in Liferay Portal 7.2.0 through 7.4.3.18, and older unsupported versions, and Liferay DXP 7.4 before update 19, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions can be circumvented by using the 'REPLACEMENT CHARACTER' (U+FFFD), which allows remote attackers to redirect users to arbitrary external URLs via the (1) 'redirect` parameter (2) `FORWARD_URL` parameter, (3) `noSuchEntryRedirect` parameter, and (4) others parameters that rely on HtmlUtil.escapeRedirect.
#ExploitObserverAlert
GHSA-5jjq-8cvj-v6m9
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to GHSA-5jjq-8cvj-v6m9. Cross-site Scripting in Serenity
GHSA-5jjq-8cvj-v6m9
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to GHSA-5jjq-8cvj-v6m9. Cross-site Scripting in Serenity
#ExploitObserverAlert
CVE-2023-52433
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-52433. In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before such transaction ends. Skip sync GC for such elements otherwise commit path might walk over an already released object. Once transaction is finished, async GC will collect such expired element.
CVE-2023-52433
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-52433. In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before such transaction ends. Skip sync GC for such elements otherwise commit path might walk over an already released object. Once transaction is finished, async GC will collect such expired element.
#ExploitObserverAlert
CVE-2023-50306
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-50306. IBM Common Licensing 9.0 could allow a local user to enumerate usernames due to an observable response discrepancy. IBM X-Force ID: 273337.
CVE-2023-50306
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-50306. IBM Common Licensing 9.0 could allow a local user to enumerate usernames due to an observable response discrepancy. IBM X-Force ID: 273337.
#ExploitObserverAlert
GHSA-7496-fgv9-xw82
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to GHSA-7496-fgv9-xw82. Unencrypted ingress/health traffic when using Wireguard transparent encryption
GHSA-7496-fgv9-xw82
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to GHSA-7496-fgv9-xw82. Unencrypted ingress/health traffic when using Wireguard transparent encryption
#ExploitObserverAlert
CVE-2024-23606
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-23606. An out-of-bounds write vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2024-23606
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-23606. An out-of-bounds write vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
WLB-2024020062
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024020062. Employee Management System v.1.0 - SQL Injection.
WLB-2024020062
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024020062. Employee Management System v.1.0 - SQL Injection.
#ExploitObserverAlert
CVE-2024-21678
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-21678. This High severity Stored XSS vulnerability was introduced in version 2.7.0 of Confluence Data Center. This Stored XSS vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary HTML or JavaScript code on a victims browser which has high impact to confidentiality, low impact to integrity, no impact to availability, and requires no user interaction. Data Center Atlassian recommends that Confluence Data Center customers upgrade to the latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions: ||Affected versions||Fixed versions|| |from 8.7.0 to 8.7.1|8.8.0 recommended or 8.7.2| |from 8.6.0 to 8.6.1|8.8.0 recommended| |from 8.5.0 to 8.5.4 LTS|8.8.0 recommended or 8.5.5 LTS or 8.5.6 LTS| |from 8.4.0 to 8.4.5|8.8.0 recommended or 8.5.6 LTS| |from 8.3.0 to 8.3.4|8.8.0 recommended or 8.5.6 LTS| |from 8.2.0 to 8.2.3|8.8.0 recommended or 8.5.6 LTS| |from 8.1.0 to 8.1.4|8.8.0 recommended or 8.5.6 LTS| |from 8.0.0 to 8.0.4|8.8.0 recommended or 8.5.6 LTS| |from 7.20.0 to 7.20.3|8.8.0 recommended or 8.5.6 LTS| |from 7.19.0 to 7.19.17 LTS|8.8.0 recommended or 8.5.6 LTS or 7.19.18 LTS or 7.19.19 LTS| |from 7.18.0 to 7.18.3|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS| |from 7.17.0 to 7.17.5|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS| |Any earlier versions|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS| Server Atlassian recommends that Confluence Server customers upgrade to the latest 8.5.x LTS version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions: ||Affected versions||Fixed versions|| |from 8.5.0 to 8.5.4 LTS|8.5.5 LTS or 8.5.6 LTS recommended | |from 8.4.0 to 8.4.5|8.5.6 LTS recommended| |from 8.3.0 to 8.3.4|8.5.6 LTS recommended| |from 8.2.0 to 8.2.3|8.5.6 LTS recommended| |from 8.1.0 to 8.1.4|8.5.6 LTS recommended| |from 8.0.0 to 8.0.4|8.5.6 LTS recommended| |from 7.20.0 to 7.20.3|8.5.6 LTS recommended| |from 7.19.0 to 7.19.17 LTS|8.5.6 LTS recommended or 7.19.18 LTS or 7.19.19 LTS| |from 7.18.0 to 7.18.3|8.5.6 LTS recommended or 7.19.19 LTS| |from 7.17.0 to 7.17.5|8.5.6 LTS recommended or 7.19.19 LTS| |Any earlier versions|8.5.6 LTS recommended or 7.19.19 LTS| See the release notes ([https://confluence.atlassian.com/doc/confluence-release-notes-327.html]). You can download the latest version of Confluence Data Center from the download center ([https://www.atlassian.com/software/confluence/download-archives]). This vulnerability was reported via our Bug Bounty program.
CVE-2024-21678
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-21678. This High severity Stored XSS vulnerability was introduced in version 2.7.0 of Confluence Data Center. This Stored XSS vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary HTML or JavaScript code on a victims browser which has high impact to confidentiality, low impact to integrity, no impact to availability, and requires no user interaction. Data Center Atlassian recommends that Confluence Data Center customers upgrade to the latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions: ||Affected versions||Fixed versions|| |from 8.7.0 to 8.7.1|8.8.0 recommended or 8.7.2| |from 8.6.0 to 8.6.1|8.8.0 recommended| |from 8.5.0 to 8.5.4 LTS|8.8.0 recommended or 8.5.5 LTS or 8.5.6 LTS| |from 8.4.0 to 8.4.5|8.8.0 recommended or 8.5.6 LTS| |from 8.3.0 to 8.3.4|8.8.0 recommended or 8.5.6 LTS| |from 8.2.0 to 8.2.3|8.8.0 recommended or 8.5.6 LTS| |from 8.1.0 to 8.1.4|8.8.0 recommended or 8.5.6 LTS| |from 8.0.0 to 8.0.4|8.8.0 recommended or 8.5.6 LTS| |from 7.20.0 to 7.20.3|8.8.0 recommended or 8.5.6 LTS| |from 7.19.0 to 7.19.17 LTS|8.8.0 recommended or 8.5.6 LTS or 7.19.18 LTS or 7.19.19 LTS| |from 7.18.0 to 7.18.3|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS| |from 7.17.0 to 7.17.5|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS| |Any earlier versions|8.8.0 recommended or 8.5.6 LTS or 7.19.19 LTS| Server Atlassian recommends that Confluence Server customers upgrade to the latest 8.5.x LTS version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions: ||Affected versions||Fixed versions|| |from 8.5.0 to 8.5.4 LTS|8.5.5 LTS or 8.5.6 LTS recommended | |from 8.4.0 to 8.4.5|8.5.6 LTS recommended| |from 8.3.0 to 8.3.4|8.5.6 LTS recommended| |from 8.2.0 to 8.2.3|8.5.6 LTS recommended| |from 8.1.0 to 8.1.4|8.5.6 LTS recommended| |from 8.0.0 to 8.0.4|8.5.6 LTS recommended| |from 7.20.0 to 7.20.3|8.5.6 LTS recommended| |from 7.19.0 to 7.19.17 LTS|8.5.6 LTS recommended or 7.19.18 LTS or 7.19.19 LTS| |from 7.18.0 to 7.18.3|8.5.6 LTS recommended or 7.19.19 LTS| |from 7.17.0 to 7.17.5|8.5.6 LTS recommended or 7.19.19 LTS| |Any earlier versions|8.5.6 LTS recommended or 7.19.19 LTS| See the release notes ([https://confluence.atlassian.com/doc/confluence-release-notes-327.html]). You can download the latest version of Confluence Data Center from the download center ([https://www.atlassian.com/software/confluence/download-archives]). This vulnerability was reported via our Bug Bounty program.
#ExploitObserverAlert
CVE-2023-49034
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-49034. Cross Site Scripting (XSS) vulnerability in ProjeQtOr 11.0.2 allows a remote attacker to execute arbitrary code via a crafted script to thecheckvalidHtmlText function in the ack.php and security.php files.
CVE-2023-49034
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-49034. Cross Site Scripting (XSS) vulnerability in ProjeQtOr 11.0.2 allows a remote attacker to execute arbitrary code via a crafted script to thecheckvalidHtmlText function in the ack.php and security.php files.
#ExploitObserverAlert
CVE-2024-25610
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25610. In Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versions, and Liferay DXP 7.4 before update 9, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions, the default configuration does not sanitize blog entries of JavaScript, which allows remote authenticated users to inject arbitrary web script or HTML (XSS) via a crafted payload injected into a blog entry’s content text field.
CVE-2024-25610
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-25610. In Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versions, and Liferay DXP 7.4 before update 9, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions, the default configuration does not sanitize blog entries of JavaScript, which allows remote authenticated users to inject arbitrary web script or HTML (XSS) via a crafted payload injected into a blog entry’s content text field.
#ExploitObserverAlert
WLB-2024020068
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024020068. SPA-CART CMS - Stored XSS.
WLB-2024020068
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024020068. SPA-CART CMS - Stored XSS.