‼ CVE-2022-3119 ‼
📖 Read
via "National Vulnerability Database".
The OAuth client Single Sign On WordPress plugin before 3.0.4 does not have authorisation and CSRF when updating its settings, which could allow unauthenticated attackers to update them and change the OAuth endpoints to ones they controls, allowing them to then be authenticated as admin if they know the correct email address📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3135 ‼
📖 Read
via "National Vulnerability Database".
The SEO Smart Links WordPress plugin through 3.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3070 ‼
📖 Read
via "National Vulnerability Database".
The Generate PDF WordPress plugin before 3.6 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2352 ‼
📖 Read
via "National Vulnerability Database".
The Post SMTP Mailer/Email Log WordPress plugin before 2.1.7 does not have proper authorisation in some AJAX actions, which could allow high privilege users such as admin to perform blind SSRF on multisite installations for example.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-40927 ‼
📖 Read
via "National Vulnerability Database".
Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_designation.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2903 ‼
📖 Read
via "National Vulnerability Database".
The Ninja Forms Contact Form WordPress plugin before 3.6.13 unserialises the content of an imported file, which could lead to PHP object injections issues when an admin import (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-40925 ‼
📖 Read
via "National Vulnerability Database".
Zoo Management System v1.0 has an arbitrary file upload vulnerability in the picture upload point of the "save_event" file of the "Events" module in the background management system.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-40926 ‼
📖 Read
via "National Vulnerability Database".
Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_leave_type.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-40928 ‼
📖 Read
via "National Vulnerability Database".
Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_application.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2926 ‼
📖 Read
via "National Vulnerability Database".
The Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which could allow high privilege users such as admin to list and read arbitrary files and folders outside of the blog directory📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3076 ‼
📖 Read
via "National Vulnerability Database".
The CM Download Manager WordPress plugin before 2.8.6 allows high privilege users such as admin to upload arbitrary files by setting the any extension via the plugin's setting, which could be used by admins of multisite blog to upload PHP files for example.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3062 ‼
📖 Read
via "National Vulnerability Database".
The Simple File List WordPress plugin before 4.4.12 does not escape parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2987 ‼
📖 Read
via "National Vulnerability Database".
The Ldap WP Login / Active Directory Integration WordPress plugin before 3.0.2 does not have any authorisation and CSRF checks when updating it's settings (which are hooked to the init action), allowing unauthenticated attackers to update them. Attackers could set their own LDAP server to be used to authenticated users, therefore bypassing the current authentication📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3299 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in Open5GS up to 2.4.10. It has been declared as problematic. Affected by this vulnerability is an unknown functionality in the library lib/sbi/client.c of the component AMF. The manipulation leads to denial of service. The attack can be launched remotely. The name of the patch is 724fa568435dae45ef0c3a48b2aabde052afae88. It is recommended to apply a patch to fix this issue. The identifier VDB-209545 was assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-1613 ‼
📖 Read
via "National Vulnerability Database".
The Restricted Site Access WordPress plugin before 7.3.2 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations in certain situations.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3098 ‼
📖 Read
via "National Vulnerability Database".
The Login Block IPs WordPress plugin through 1.0.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack📖 Read
via "National Vulnerability Database".
‼ CVE-2022-40402 ‼
📖 Read
via "National Vulnerability Database".
Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the booking parameter at /admin/client_assign.php.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-41437 ‼
📖 Read
via "National Vulnerability Database".
An HTTP response splitting attack in web application in ASUS RT-AX88U before v3.0.0.4.388.20558 allows an attacker to craft a specific URL that if an authenticated victim visits it, the URL will give access to the cloud storage of the attacker.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-39219 ‼
📖 Read
via "National Vulnerability Database".
Bifrost is a middleware package which can synchronize MySQL/MariaDB binlog data to other types of databases. Versions 1.8.6-release and prior are vulnerable to authentication bypass when using HTTP basic authentication. This may allow group members who only have read permissions to write requests when they are normally forbidden from doing so. Version 1.8.7-release contains a patch. There are currently no known workarounds.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-39245 ‼
📖 Read
via "National Vulnerability Database".
Mist is the command-line interface for the makedeb Package Repository. Prior to version 0.9.5, a user-provided `sudo` binary via the `PATH` variable can allow a local user to run arbitrary commands on the user's system with root permissions. Versions 0.9.5 and later contain a patch. No known workarounds exist.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-39243 ‼
📖 Read
via "National Vulnerability Database".
NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's Java_java_lang_UNIXProcess_forkAndExec method (1.2.0+), attackers can use NUL characters in their strings to perform command line injection. Java's ProcessBuilder isn't vulnerable because of a check in ProcessBuilder.start. NuProcess is missing that check. This vulnerability can only be exploited to inject command line arguments on Linux. Version 2.0.5 contains a patch. As a workaround, users of the library can sanitize command strings to remove NUL characters prior to passing them to NuProcess for execution.📖 Read
via "National Vulnerability Database".