๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
@cibsecurity
25.8K subscribers
89.2K links
๐Ÿ—ž The finest daily news on cybersecurity and privacy.

๐Ÿ”” Daily releases.

๐Ÿ’ป Is your online life secure?

๐Ÿ“ฉ lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
25.8K subscribers
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2021-24840 โ€ผ

The Squaretype WordPress theme before 3.0.4 allows unauthenticated users to manipulate the query_vars used to retrieve the posts to display in one of its REST endpoint, without any validation. As a result, private and scheduled posts could be retrieved via a crafted request.

๐Ÿ“– Read

via "National Vulnerability Database".
99 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2021-24575 โ€ผ

The School Management System รƒยขรขโ€šยฌรขโ‚ฌล“ WPSchoolPress WordPress plugin before 2.1.10 does not properly sanitize or use prepared statements before using POST variable in SQL queries, leading to SQL injection in multiple actions available to various authenticated users, from simple subscribers/students to teachers and above.

๐Ÿ“– Read

via "National Vulnerability Database".
101 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2021-24631 โ€ผ

The Unlimited PopUps WordPress plugin through 4.5.3 does not sanitise or escape the did GET parameter before using it in a SQL statement, available to users as low as editor, leading to an authenticated SQL Injection

๐Ÿ“– Read

via "National Vulnerability Database".
96 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2021-24835 โ€ผ

The WCFM รƒยขรขโ€šยฌรขโ‚ฌล“ Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible WordPress plugin before 6.5.12, when used in combination with another WCFM - WooCommerce Multivendor plugin such as WCFM - WooCommerce Multivendor Marketplace, does not escape the withdrawal_vendor parameter before using it in a SQL statement, allowing low privilege users such as Subscribers to perform SQL injection attacks

๐Ÿ“– Read

via "National Vulnerability Database".
93 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2021-29735 โ€ผ

IBM Security Guardium 10.5, 10.6, 11.0, 11.1, 11.2, and 11.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

๐Ÿ“– Read

via "National Vulnerability Database".
94 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2021-40577 โ€ผ

A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 in the Add-Users page via the Name parameter.

๐Ÿ“– Read

via "National Vulnerability Database".
93 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2021-24698 โ€ผ

The Simple Download Monitor WordPress plugin before 3.9.6 allows users with a role as low as Contributor to remove thumbnails from downloads they do not own, even if they cannot normally edit the download.

๐Ÿ“– Read

via "National Vulnerability Database".
94 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2021-24844 โ€ผ

The Affiliates Manager WordPress plugin before 2.8.7 does not validate the orderby parameter before using it in an SQL statement in the admin dashboard, leading to an SQL Injection issue

๐Ÿ“– Read

via "National Vulnerability Database".
97 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2021-24827 โ€ผ

The Asgaros Forum WordPress plugin before 1.15.13 does not validate and escape user input when subscribing to a topic before using it in a SQL statement, leading to an unauthenticated SQL injection issue

๐Ÿ“– Read

via "National Vulnerability Database".
104 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2021-24697 โ€ผ

The Simple Download Monitor WordPress plugin before 3.9.5 does not escape the 1) sdm_active_tab GET parameter and 2) sdm_stats_start_date/sdm_stats_end_date POST parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues

๐Ÿ“– Read

via "National Vulnerability Database".
111 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2021-24669 โ€ผ

The MAZ Loader รƒยขรขโ€šยฌรขโ‚ฌล“ Preloader Builder for WordPress plugin before 1.3.3 does not validate or escape the loader_id parameter of the mzldr shortcode, which allows users with a role as low as Contributor to perform SQL injection.

๐Ÿ“– Read

via "National Vulnerability Database".
116 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2021-24829 โ€ผ

The Visitor Traffic Real Time Statistics WordPress plugin before 3.9 does not validate and escape user input passed to the today_traffic_index AJAX action (available to any authenticated users) before using it in a SQL statement, leading to an SQL injection issue

๐Ÿ“– Read

via "National Vulnerability Database".
124 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2021-24695 โ€ผ

The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location, and does not have any authentication or authorisation in place to prevent unauthenticated users to download and read the logs containing Sensitive Information such as IP Addresses and Usernames

๐Ÿ“– Read

via "National Vulnerability Database".
133 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2020-4160 โ€ผ

IBM QRadar Network Security 5.4.0 and 5.5.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 174340.

๐Ÿ“– Read

via "National Vulnerability Database".
143 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2020-4153 โ€ผ

IBM QRadar Network Security 5.4.0 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174269.

๐Ÿ“– Read

via "National Vulnerability Database".
151 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โŒ Zebra2104 Initial Access Broker Supports Rival Malware Gangs, APTs โŒ

Researchers have uncovered a large, tangled web of infrastructure being used to enable a wide variety of cyberattacks.

๐Ÿ“– Read

via "Threat Post".
Threat Post
Zebra2104 Initial Access Broker Supports Rival Malware Gangs, APTs
Researchers have uncovered a large, tangled web of infrastructure being used to enable a wide variety of cyberattacks.
160 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
๐Ÿ•ด What My Optometrist Taught Me About InfoSec Presentations ๐Ÿ•ด

A broken pair of eyeglasses brings into focus an important lesson about how to tailor security messages to the right audience.

๐Ÿ“– Read

via "Dark Reading".
Dark Reading
What My Optometrist Taught Me About InfoSec Presentations
A broken pair of eyeglasses brings into focus an important lesson about how to tailor security messages to the right audience.
173 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โŒ DDoS Attacks Shatter Records in Q3, Report Finds   โŒ

Q3 DDoS attacks topped thousands daily, with more growth expected.

๐Ÿ“– Read

via "Threat Post".
Threat Post
DDoS Attacks Shatter Records in Q3, Report Finds  
Q3 DDoS attacks topped thousands daily, with more growth expected.
164 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
๐Ÿ•ด Investor Group to Acquire McAfee for $14B ๐Ÿ•ด

The group, made up of Advent, Permira, Crosspoint Capital, CPP Investments, GIC, and ADIA, will take ownership of McAfee.

๐Ÿ“– Read

via "Dark Reading".
Dark Reading
Investor Group to Acquire McAfee for $14B
The group, made up of Advent, Permira, Crosspoint Capital, CPP Investments, GIC, and ADIA, will take ownership of McAfee.
157 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2021-39420 โ€ผ

Multiple Cross Site Scripting (XSS) vulnerabilities exist in VFront 0.99.5 via the (1) s parameter in search_all.php and the (2) msg parameter in add.attach.php.

๐Ÿ“– Read

via "National Vulnerability Database".
151 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2021-41170 โ€ผ

### Impact Versions prior 1.1.1 have allowed for passing in closures directly into the template engine. As a result values that are callable are executed by the template engine. The issue arises if a value has the same name as a method or function in scope and can therefore be executed either by mistake or maliciously. In theory all users of the package are affected as long as they either deal with direct user input or database values. A multi-step attack on is therefore plausible. ### Patches Version 1.1.1 has addressed this vulnerability. ```php $params = [ 'reverse' => fn($input) => strrev($input), // <-- no longer possible with version ~1.1.1 'value' => 'My website' ] TemplateFunctions::registerClosure('reverse', fn($input) => strrev($input)); // <-- still possible (and nicely isolated) Template::embrace('<h1>{{reverse(value)}}</h1>', $params); ``` ### Workarounds Unfortunately only working with hardcoded values is safe in prior versions. As this likely defeats the purpose of a template engine, please upgrade. ### References As a possible exploit is relatively easy to achieve, I will not share steps to reproduce the issue for now. ### For more information If you have any questions or comments about this advisory: * Open an issue in [our repo](https://github.com/sroehrl/neoan3-template)

๐Ÿ“– Read

via "National Vulnerability Database".
173 views