‼ CVE-2022-38770 ‼
via "National Vulnerability Database".
The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to fetch other users' data upon a successful login request.
‼ CVE-2022-31324 ‼
via "National Vulnerability Database".
An arbitrary file download vulnerability in the downloadAction() function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST request.
‼ CVE-2022-38305 ‼
via "National Vulnerability Database".
AeroCMS v0.0.1 was discovered to contain an arbitrary file upload vulnerability via the component /admin/profile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
‼ CVE-2022-35413 ‼
via "National Vulnerability Database".
WAPPLES through 6.0 has a hardcoded systemi account accessible via db/wp.no1 (as configured in the /opt/penta/wapples/script/wcc_auto_scaling.py file). A threat actor could use this account to access the system configuration and confidential information (such as SSL keys) via an HTTPS request to the /webapi/ URI on port 443 or 5001.
‼ CVE-2022-38769 ‼
via "National Vulnerability Database".
The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to fetch cleartext passwords upon a successful login request.
‼ CVE-2022-35582 ‼
via "National Vulnerability Database".
Penta Security Systems Inc WAPPLES 4.0.*, 5.0.0.*, 5.0.12.* are vulnerable to Incorrect Access Control. The operating system that WAPPLES runs on has a built-in non-privileged user penta with a predefined password. Neither the password for this user nor its existence is disclosed in the documentation. Knowing the credentials, attackers can use this account to gain uncontrolled access to the device; it is therefore an undocumented means of remote control.
‼ CVE-2022-34102 ‼
via "National Vulnerability Database".
Insufficient access control vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can pause the uninstallation of an executable to gain a SYSTEM level command prompt.
♟️ Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday ♟️
via "Krebs on Security".
This month's Patch Tuesday offers a little something for everyone, including security updates for a zero-day flaw in Microsoft Windows that is under active attack, and another Windows weakness experts say could be used to power a fast-spreading computer worm. Apple has also quashed a pair of zero-day bugs affecting certain macOS and iOS users, and released iOS 16, which includes a nifty new privacy and security feature called "Lockdown Mode." And Adobe axed 63 vulnerabilities in a range of products.
🕴 Key Takeaways From the Twitter Whistleblower's Testimony 🕴
via "Dark Reading".
Twitter did not know what data it had nor who had access to it, Peiter "Mudge" Zatko told Congressional lawmakers during a Senate panel hearing.
‼ CVE-2022-36667 ‼
via "National Vulnerability Database".
Garage Management System 1.0 is vulnerable to Remote Code Execution (RCE) due to the lack of filtering in the file upload function. The vulnerability exists when adding parts: through the upload function, the attacker can upload a PHP reverse shell straight away to gain RCE.
‼ CVE-2022-37138 ‼
via "National Vulnerability Database".
Loan Management System 1.0 is vulnerable to SQL Injection at the login page, which allows unauthorized users to log in as Administrator after injecting into the username form field.
‼ CVE-2020-19587 ‼
via "National Vulnerability Database".
Cross Site Scripting (XSS) vulnerability in configMap parameters in Yellowfin Business Intelligence 7.3 allows remote attackers to run arbitrary code via MIAdminStyles.i4 Admin UI.
‼ CVE-2020-19586 ‼
via "National Vulnerability Database".
Incorrect Access Control issue in Yellowfin Business Intelligence 7.3 allows remote attackers to escalate privilege via MIAdminStyles.i4 Admin UI.
‼ CVE-2022-36668 ‼
via "National Vulnerability Database".
Garage Management System 1.0 is vulnerable to Stored Cross Site Scripting (XSS) in several parameters. The vulnerability exists when creating or editing parts; a payload stored in those parameters is rendered back to other users, triggering the XSS, and can be used as a further attack vector.
‼ CVE-2022-37140 ‼
via "National Vulnerability Database".
PayMoney 3.3 is vulnerable to client-side Remote Code Execution (RCE). The vulnerability exists in the reply-ticket function, which allows a malicious file to be uploaded. A calculator opens when a victim who downloads the file opens the RTF file.
‼ CVE-2022-2900 ‼
via "National Vulnerability Database".
Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 8.1.0.
‼ CVE-2022-40674 ‼
via "National Vulnerability Database".
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
‼ CVE-2022-37139 ‼
via "National Vulnerability Database".
Loan Management System version 1.0 suffers from a persistent cross site scripting vulnerability.
‼ CVE-2022-40626 ‼
via "National Vulnerability Database".
An unauthenticated user can create a link with reflected JavaScript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with a predefined login, password and role in Zabbix Frontend.
‼ CVE-2022-36669 ‼
via "National Vulnerability Database".
Hospital Information System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
‼ CVE-2022-36436 ‼
via "National Vulnerability Database".
OSU Open Source Lab VNCAuthProxy through 1.1.1 is affected by a vncap/vnc/protocol.py VNCServerAuthenticator authentication-bypass vulnerability that could allow a malicious actor to gain unauthorized access to a VNC session or to disconnect a legitimate user from a VNC session. A remote attacker with network access to the proxy server could leverage this vulnerability to connect to VNC servers protected by the proxy server without providing any authentication credentials. Exploitation of this issue requires that the proxy server is currently accepting connections for the target VNC server.