‼ CVE-2022-35490 ‼
📖 Read
via "National Vulnerability Database".
Zammad 5.2.0 is vulnerable to privilege escalation. Zammad has a prevention against brute-force attacks trying to guess login credentials. After a configurable amount of attempts, users are invalidated and logins prevented. An attacker might work around this prevention, enabling them to send more than the configured amount of requests before the user invalidation takes place.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2386 ‼
📖 Read
via "National Vulnerability Database".
The Crowdsignal Dashboard WordPress plugin before 3.0.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2713 ‼
📖 Read
via "National Vulnerability Database".
Insufficient Session Expiration in GitHub repository cockpit-hq/cockpit prior to 2.2.0.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-35487 ‼
📖 Read
via "National Vulnerability Database".
Zammad 5.2.0 suffers from Incorrect Access Control. Zammad did not correctly perform authorization on certain attachment endpoints. This could be abused by an unauthenticated attacker to gain access to attachments, such as emails or attached files.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2409 ‼
📖 Read
via "National Vulnerability Database".
The Rough Chart WordPress plugin through 1.0.0 does not properly escape chart data label, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-36265 ‼
📖 Read
via "National Vulnerability Database".
In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Hidden system command web page. After performing a reverse engineering of the firmware, it was discovered that a hidden page not listed in the administration management interface allows a user to execute Linux commands on the device with root privileges. An authenticated malicious threat actor can use this page to fully compromise the device.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2395 ‼
📖 Read
via "National Vulnerability Database".
The weForms WordPress plugin before 1.6.14 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2356 ‼
📖 Read
via "National Vulnerability Database".
The Frontend File Manager & Sharing WordPress plugin before 1.1.3 does not filter file extensions when letting users upload files on the server, which may lead to malicious code being uploaded.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-1323 ‼
📖 Read
via "National Vulnerability Database".
The Discy WordPress theme before 5.0 lacks authorization checks then processing ajax requests to the discy_update_options action, allowing any logged in users (with privileges as low as Subscriber,) to change Theme options by sending a crafted POST request.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-36267 ‼
📖 Read
via "National Vulnerability Database".
In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Unauthenticated remote command injection vulnerability. The ping functionality can be called without user authentication when crafting a malicious http request by injecting code in one of the parameters allowing for remote code execution. This vulnerability is exploited via the binary file /home/www/cgi-bin/diagnostics.cgi that accepts unauthenticated requests and unsanitized data. As a result, a malicious actor can craft a specific request and interact remotely with the device.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2367 ‼
📖 Read
via "National Vulnerability Database".
The WSM Downloader WordPress plugin through 1.4.0 allows only specific popular websites to download images/files from, this can be bypassed due to the lack of good "link" parameter validation📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2269 ‼
📖 Read
via "National Vulnerability Database".
The Website File Changes Monitor WordPress plugin before 1.8.3 does not sanitise and escape user input before using it in a SQL statement via an action available to users with the manage_options capability (by default admins), leading to an SQL injection📖 Read
via "National Vulnerability Database".
‼ CVE-2022-35489 ‼
📖 Read
via "National Vulnerability Database".
In Zammad 5.2.0, customers who have secondary organizations assigned were able to see all organizations of the system rather than only those to which they are assigned.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2355 ‼
📖 Read
via "National Vulnerability Database".
The Easy Username Updater WordPress plugin before 1.0.5 does not implement CSRF checks, which could allow attackers to make a logged in admin change any user's username includes the admin📖 Read
via "National Vulnerability Database".
‼ CVE-2022-35493 ‼
📖 Read
via "National Vulnerability Database".
A Cross-site scripting (XSS) vulnerability in json search parse and the json response in wrteam.in, eShop - Multipurpose Ecommerce Store Website version 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the get_products?search parameter.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2426 ‼
📖 Read
via "National Vulnerability Database".
The Thinkific Uploader WordPress plugin through 1.0.0 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks against other administrators.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2391 ‼
📖 Read
via "National Vulnerability Database".
The Inspiro PRO WordPress plugin does not sanitize the portfolio slider description, allowing users with privileges as low as Contributor to inject JavaScript into the description.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-36264 ‼
📖 Read
via "National Vulnerability Database".
In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists an Unauthenticated remote Arbitrary File Upload vulnerability which allows overwriting arbitrary files. A malicious actor can remotely upload a file of their choice and overwrite any file in the system by manipulating the filename and append a relative path that will be interpreted during the upload process. Using this method, it is possible to rewrite any file in the system or upload a new file.📖 Read
via "National Vulnerability Database".
🕴 Dark Reading News Desk: Live at Black Hat USA 2022 🕴
📖 Read
via "Dark Reading".
LIVE: Dark Reading News Desk at Black Hat USA 2022📖 Read
via "Dark Reading".
Dark Reading
Dark Reading News Desk: Live at Black Hat USA 2022
Dark Reading News Desk returns to Black Hat USA 2022
🛠 American Fuzzy Lop plus plus 4.02c 🛠
📖 Read
via "Packet Storm Security".
Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.📖 Read
via "Packet Storm Security".
Packetstormsecurity
American Fuzzy Lop plus plus 4.02c ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
🔏 How to Prevent Ransomware: 7 Tips to Avoid a Ransomware Attack 🔏
📖 Read
via "".
Trying to prevent ransomware at your organization? Having backups in place and an incident response plan are only part of it. Here are some tips on preventing and mitigating ransomware attacks.📖 Read
via "".