#ExploitObserverAlert
GHSA-38jp-hqg7-hhj2
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-38JP-HQG7-HHJ2. A Cross-Site Scripting (XSS) vulnerability has been found in Alumne LMS affecting version 4.0.0.1.08. An attacker could exploit the 'localidad' parameter to inject a custom JavaScript payload and partially take over another user's browser session, due to the lack of proper sanitisation of the 'localidad' field on the /users/editmy page.
GHSS: 5.4
GHSA-38jp-hqg7-hhj2
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-38JP-HQG7-HHJ2. A Cross-Site Scripting (XSS) vulnerability has been found in Alumne LMS affecting version 4.0.0.1.08. An attacker could exploit the 'localidad' parameter to inject a custom JavaScript payload and partially take over another user's browser session, due to the lack of proper sanitisation of the 'localidad' field on the /users/editmy page.
GHSS: 5.4
#ExploitObserverAlert
GHSA-gvwr-5hrc-2gr5
DESCRIPTION: Exploit Observer has 8 entries related to GHSA-GVWR-5HRC-2GR5. Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1698.
GHSS: 7.8
GHSA-gvwr-5hrc-2gr5
DESCRIPTION: Exploit Observer has 8 entries related to GHSA-GVWR-5HRC-2GR5. Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1698.
GHSS: 7.8
#ExploitObserverAlert
GHSA-j852-mp82-wv2g
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-J852-MP82-WV2G.
GHSS: 5.4
GHSA-j852-mp82-wv2g
DESCRIPTION: Exploit Observer has 3 entries related to GHSA-J852-MP82-WV2G.
GHSS: 5.4
#ExploitObserverAlert
CVE-2021-35247
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-35247. Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper characters. To insure proper input validation is completed in all environments. SolarWinds recommends scheduling an update to the latest version of Serv-U.
FIRST-EPSS: 0.008090000
NVD-IS: 1.4
NVD-ES: 3.9
CVE-2021-35247
DESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-35247. Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper characters. To insure proper input validation is completed in all environments. SolarWinds recommends scheduling an update to the latest version of Serv-U.
FIRST-EPSS: 0.008090000
NVD-IS: 1.4
NVD-ES: 3.9
#ExploitObserverAlert
CVE-2023-6359
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-6359. A Cross-Site Scripting (XSS) vulnerability has been found in Alumne LMS affecting version 4.0.0.1.08. An attacker could exploit the 'localidad' parameter to inject a custom JavaScript payload and partially take over another user's browser session, due to the lack of proper sanitisation of the 'localidad' field on the /users/editmy page.
CVE-2023-6359
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-6359. A Cross-Site Scripting (XSS) vulnerability has been found in Alumne LMS affecting version 4.0.0.1.08. An attacker could exploit the 'localidad' parameter to inject a custom JavaScript payload and partially take over another user's browser session, due to the lack of proper sanitisation of the 'localidad' field on the /users/editmy page.
#ExploitObserverAlert
GHSA-c9g8-fgq6-h2wg
DESCRIPTION: Exploit Observer has 14 entries related to GHSA-C9G8-FGQ6-H2WG. A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to log in to the CLI of an affected system by using the SCP User account (scpuser), which has default user credentials. The vulnerability is due to the presence of a documented default account with an undocumented default password and incorrect permission settings for that account. Changing the default password for this account is not enforced during the installation of the product. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the scpuser account. This includes full read and write access to the system's database.
GHSS: 9.8
GHSA-c9g8-fgq6-h2wg
DESCRIPTION: Exploit Observer has 14 entries related to GHSA-C9G8-FGQ6-H2WG. A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to log in to the CLI of an affected system by using the SCP User account (scpuser), which has default user credentials. The vulnerability is due to the presence of a documented default account with an undocumented default password and incorrect permission settings for that account. Changing the default password for this account is not enforced during the installation of the product. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the scpuser account. This includes full read and write access to the system's database.
GHSS: 9.8
#ExploitObserverAlert
GHSA-j683-v94g-h65c
DESCRIPTION: Exploit Observer has 10 entries related to GHSA-J683-V94G-H65C. In BIG-IP starting in versions 17.0.0, 16.1.2.2, 15.1.5.1, 14.1.4.6, and 13.1.5 on their respective branches, a format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
GHSS: 9.9
GHSA-j683-v94g-h65c
DESCRIPTION: Exploit Observer has 10 entries related to GHSA-J683-V94G-H65C. In BIG-IP starting in versions 17.0.0, 16.1.2.2, 15.1.5.1, 14.1.4.6, and 13.1.5 on their respective branches, a format string vulnerability exists in iControl SOAP that allows an authenticated attacker to crash the iControl SOAP CGI process or, potentially execute arbitrary code. In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
GHSS: 9.9
#ExploitObserverAlert
CVE-2023-1971
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-1971. ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in yuan1994 tpAdmin 1.3.12. Affected is the function remote of the file application\admin\controller\Upload.php. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225408. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
FIRST-EPSS: 0.000630000
NVD-IS: 3.6
NVD-ES: 1.2
CVE-2023-1971
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-1971. ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in yuan1994 tpAdmin 1.3.12. Affected is the function remote of the file application\admin\controller\Upload.php. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225408. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
FIRST-EPSS: 0.000630000
NVD-IS: 3.6
NVD-ES: 1.2
#ExploitObserverAlert
GHSA-h7rr-pq87-v2r8
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-H7RR-PQ87-V2R8. The APDFL.dll contains a memory corruption vulnerability while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process.
GHSS: 7.8
GHSA-h7rr-pq87-v2r8
DESCRIPTION: Exploit Observer has 4 entries related to GHSA-H7RR-PQ87-V2R8. The APDFL.dll contains a memory corruption vulnerability while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process.
GHSS: 7.8
#ExploitObserverAlert
CVE-2023-49103
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2023-49103. An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure.
FIRST-EPSS: 0.009170000
CVE-2023-49103
DESCRIPTION: Exploit Observer has 10 entries related to CVE-2023-49103. An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure.
FIRST-EPSS: 0.009170000
#ExploitObserverAlert
GHSA-qr7h-8pv2-xvx2
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-QR7H-8PV2-XVX2. ** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in yuan1994 tpAdmin 1.3.12. Affected is the function remote of the file application\admin\controller\Upload.php. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225408. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
GHSS: 4.9
GHSA-qr7h-8pv2-xvx2
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-QR7H-8PV2-XVX2. ** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in yuan1994 tpAdmin 1.3.12. Affected is the function remote of the file application\admin\controller\Upload.php. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225408. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
GHSS: 4.9
#ExploitObserverAlert
CVE-2023-25157
DESCRIPTION: Exploit Observer has 27 entries related to CVE-2023-25157. GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols. CQL is also supported through the Web Coverage Service (WCS) protocol for ImageMosaic coverages. Users are advised to upgrade to either version 2.21.4, or version 2.22.2 to resolve this issue. Users unable to upgrade should disable the PostGIS Datastore *encode functions* setting to mitigate ``strEndsWith``, ``strStartsWith`` and ``PropertyIsLike `` misuse and enable the PostGIS DataStore *preparedStatements* setting to mitigate the ``FeatureId`` misuse.
FIRST-EPSS: 0.386710000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-25157
DESCRIPTION: Exploit Observer has 27 entries related to CVE-2023-25157. GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols. CQL is also supported through the Web Coverage Service (WCS) protocol for ImageMosaic coverages. Users are advised to upgrade to either version 2.21.4, or version 2.22.2 to resolve this issue. Users unable to upgrade should disable the PostGIS Datastore *encode functions* setting to mitigate ``strEndsWith``, ``strStartsWith`` and ``PropertyIsLike `` misuse and enable the PostGIS DataStore *preparedStatements* setting to mitigate the ``FeatureId`` misuse.
FIRST-EPSS: 0.386710000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-cxqv-r2cc-r9c9
DESCRIPTION: Exploit Observer has 19 entries related to GHSA-CXQV-R2CC-R9C9. Improper input validation of octal strings in Python stdlib ipaddress 3.10 and below allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many programs that rely on Python stdlib ipaddress. IP address octects are left stripped instead of evaluated as valid IP addresses.
GHSS: 9.8
GHSA-cxqv-r2cc-r9c9
DESCRIPTION: Exploit Observer has 19 entries related to GHSA-CXQV-R2CC-R9C9. Improper input validation of octal strings in Python stdlib ipaddress 3.10 and below allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many programs that rely on Python stdlib ipaddress. IP address octects are left stripped instead of evaluated as valid IP addresses.
GHSS: 9.8
#ExploitObserverAlert
CVE-2023-49104
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49104. An issue was discovered in ownCloud owncloud/oauth2 before 0.6.1, when Allow Subdomains is enabled. An attacker is able to pass in a crafted redirect-url that bypasses validation, and consequently allows an attacker to redirect callbacks to a Top Level Domain controlled by the attacker.
FIRST-EPSS: 0.000430000
CVE-2023-49104
DESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49104. An issue was discovered in ownCloud owncloud/oauth2 before 0.6.1, when Allow Subdomains is enabled. An attacker is able to pass in a crafted redirect-url that bypasses validation, and consequently allows an attacker to redirect callbacks to a Top Level Domain controlled by the attacker.
FIRST-EPSS: 0.000430000
#ExploitObserverAlert
GHSA-j4ph-gqh2-8f93
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-J4PH-GQH2-8F93. Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
GHSS: 3.5
GHSA-j4ph-gqh2-8f93
DESCRIPTION: Exploit Observer has 1 entries related to GHSA-J4PH-GQH2-8F93. Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.
GHSS: 3.5
#ExploitObserverAlert
GHSA-x73w-g8hx-v7rp
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-X73W-G8HX-V7RP. An issue was discovered in Electerm 1.3.22, allows attackers to execute arbitrary code via unverified request to electerms service.
GHSS: 9.8
GHSA-x73w-g8hx-v7rp
DESCRIPTION: Exploit Observer has 2 entries related to GHSA-X73W-G8HX-V7RP. An issue was discovered in Electerm 1.3.22, allows attackers to execute arbitrary code via unverified request to electerms service.
GHSS: 9.8
#ExploitObserverAlert
CVE-2016-5195
DESCRIPTION: Exploit Observer has 548 entries related to CVE-2016-5195. Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
FIRST-EPSS: 0.879360000
NVD-IS: 5.9
NVD-ES: 1.8
CVE-2016-5195
DESCRIPTION: Exploit Observer has 548 entries related to CVE-2016-5195. Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
FIRST-EPSS: 0.879360000
NVD-IS: 5.9
NVD-ES: 1.8
#ExploitObserverAlert
CVE-2023-29357
DESCRIPTION: Exploit Observer has 36 entries related to CVE-2023-29357. Microsoft SharePoint Server Elevation of Privilege Vulnerability
FIRST-EPSS: 0.688010000
NVD-IS: 5.9
NVD-ES: 3.9
CVE-2023-29357
DESCRIPTION: Exploit Observer has 36 entries related to CVE-2023-29357. Microsoft SharePoint Server Elevation of Privilege Vulnerability
FIRST-EPSS: 0.688010000
NVD-IS: 5.9
NVD-ES: 3.9
#ExploitObserverAlert
GHSA-gww8-rh9f-5mjq
DESCRIPTION: Exploit Observer has 22 entries related to GHSA-GWW8-RH9F-5MJQ. Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.
GHSS: 9.8
GHSA-gww8-rh9f-5mjq
DESCRIPTION: Exploit Observer has 22 entries related to GHSA-GWW8-RH9F-5MJQ. Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.
GHSS: 9.8
#ExploitObserverAlert
CVE-2022-21248
DESCRIPTION: Exploit Observer has 22 entries related to CVE-2022-21248. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
FIRST-EPSS: 0.000960000
NVD-IS: 1.4
NVD-ES: 2.2
CVE-2022-21248
DESCRIPTION: Exploit Observer has 22 entries related to CVE-2022-21248. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
FIRST-EPSS: 0.000960000
NVD-IS: 1.4
NVD-ES: 2.2
#ExploitObserverAlert
CVE-2023-47184
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-47184. Auth. (admin ) Stored Cross-Site Scripting (XSS) vulnerability in Proper Fraction LLC. Admin Bar
CVE-2023-47184
DESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-47184. Auth. (admin ) Stored Cross-Site Scripting (XSS) vulnerability in Proper Fraction LLC. Admin Bar