‼ CVE-2022-3343 ‼
📖 Read
via "National Vulnerability Database".
The WPQA Builder WordPress plugin before 5.9.3 (which is a companion plugin used with Discy and Himer WordPress themes) incorrectly tries to validate that a user already follows another in the wpqa_following_you_ajax action, allowing a user to inflate their score on the site by having another user send repeated follow actions to them.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4426 ‼
📖 Read
via "National Vulnerability Database".
The Mautic Integration for WooCommerce WordPress plugin before 1.0.3 does not have proper CSRF check when updating settings, and does not ensure that the options to be updated belong to the plugin, allowing attackers to make a logged in admin change arbitrary blog options via a CSRF attack.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4102 ‼
📖 Read
via "National Vulnerability Database".
The Royal Elementor Addons WordPress plugin before 1.3.56 does not have authorization and CSRF checks when deleting a template and does not ensure that the post to be deleted is a template. This could allow any authenticated users, such as subscribers, to delete arbitrary posts assuming they know the related slug.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4103 ‼
📖 Read
via "National Vulnerability Database".
The Royal Elementor Addons WordPress plugin before 1.3.56 does not have authorisation and CSRF checks when creating a template, and does not ensure that the post created is a template. This could allow any authenticated users, such as subscriber to create a post (as well as any post type) with an arbitrary title📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4374 ‼
📖 Read
via "National Vulnerability Database".
The Bg Bible References WordPress plugin through 3.8.14 does not sanitize and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3679 ‼
📖 Read
via "National Vulnerability Database".
The Starter Templates by Kadence WP WordPress plugin before 1.2.17 unserialises the content of an imported file, which could lead to PHP object injection issues when an admin import (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-0018 ‼
📖 Read
via "National Vulnerability Database".
Due to improper input sanitization of user-controlled input in SAP BusinessObjects Business Intelligence Platform CMC application - versions 420, and 430, an attacker with basic user-level privileges can modify/upload crystal reports containing a malicious payload. Once these reports are viewable, anyone who opens those reports would be susceptible to stored XSS attacks. As a result of the attack, information maintained in the victim's web browser can be read, modified, and sent to the attacker.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-0016 ‼
📖 Read
via "National Vulnerability Database".
SAP BPC MS 10.0 - version 810, allows an unauthorized attacker to execute crafted database queries. The exploitation of this issue could lead to SQL injection vulnerability and could allow an attacker to access, modify, and/or delete data from the backend database.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-0017 ‼
📖 Read
via "National Vulnerability Database".
An unauthenticated attacker in SAP NetWeaver AS for Java - version 7.50, due to improper access control, can attach to an open interface and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and data on the current system. This could allow the attacker to have full read access to user data, make modifications to user data, and make services within the system unavailable.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-0022 ‼
📖 Read
via "National Vulnerability Database".
SAP BusinessObjects Business Intelligence Analysis edition for OLAP allows an authenticated attacker to inject malicious code that can be executed by the application over the network. On successful exploitation, an attacker can perform operations that may completely compromise the application causing a high impact on the confidentiality, integrity, and availability of the application.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-0015 ‼
📖 Read
via "National Vulnerability Database".
In SAP BusinessObjects Business Intelligence Platform (Web Intelligence user interface) - version 420, some calls return json with wrong content type in the header of the response. As a result, a custom application that calls directly the jsp of Web Intelligence DHTML may be vulnerable to XSS attacks. On successful exploitation an attacker can cause limited impact on confidentiality and integrity of the application.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-22320 ‼
📖 Read
via "National Vulnerability Database".
OpenAM Web Policy Agent (OpenAM Consortium Edition) provided by OpenAM Consortium parses URLs improperly, leading to a path traversal vulnerability(CWE-22). Furthermore, a crafted URL may be evaluated incorrectly.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-0023 ‼
📖 Read
via "National Vulnerability Database".
In SAP Bank Account Management (Manage Banks) application, when a user clicks a smart link to navigate to another app, personal data is shown directly in the URL. They might get captured in log files, bookmarks, and so on disclosing sensitive data of the application.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-0014 ‼
📖 Read
via "National Vulnerability Database".
SAP NetWeaver ABAP Server and ABAP Platform - versions SAP_BASIS 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, KERNEL 7.22, 7.53, 7.77, 7.81, 7.85, 7.89, KRNL64UC 7.22, 7.22EXT, 7.53, KRNL64NUC 7.22, 7.22EXT, creates information about system identity in an ambiguous format. This could lead to capture-replay vulnerability and may be exploited by malicious users to obtain illegitimate access to the system.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-22895 ‼
📖 Read
via "National Vulnerability Database".
The bzip2 crate before 0.4.4 for Rust allow attackers to cause a denial of service via a large file that triggers an integer overflow in mem.rs. NOTE: this is unrelated to the https://crates.io/crates/bzip2-rs product.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-0013 ‼
📖 Read
via "National Vulnerability Database".
The ABAP Keyword Documentation of SAP NetWeaver Application Server - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, for ABAP and ABAP Platform does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. On successful exploitation an attacker can cause limited impact on confidentiality and integrity of the application.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-0012 ‼
📖 Read
via "National Vulnerability Database".
In SAP Host Agent (Windows) - versions 7.21, 7.22, an attacker who gains local membership to SAP_LocalAdmin could be able to replace executables with a malicious file that will be started under a privileged account. Note that by default all user members of SAP_LocaAdmin are denied the ability to logon locally by security policy so that this can only occur if the system has already been compromised.📖 Read
via "National Vulnerability Database".
👍1
‼ CVE-2023-22898 ‼
📖 Read
via "National Vulnerability Database".
workers/extractor.py in Pandora (aka pandora-analysis/pandora) 1.3.0 allows a denial of service when an attacker submits a deeply nested ZIP archive (aka ZIP bomb).📖 Read
via "National Vulnerability Database".
👍1
‼ CVE-2023-22899 ‼
📖 Read
via "National Vulnerability Database".
Zip4j through 2.11.2, as used in Threema and other products, does not always check the MAC when decrypting a ZIP archive.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-45092 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product, could potentially read and write arbitrary files from and to the device's file system. An attacker might leverage this to trigger remote code execution on the affected component.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-45094 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An authenticated remote attacker with access to the Web Based Management (443/tcp) of the affected product, could potentially inject commands into the dhcpd configuration of the affected product. An attacker might leverage this to trigger remote code execution on the affected component.📖 Read
via "National Vulnerability Database".