π¨ CVE-2020-18324
Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.1 via the q parameter in the Kickstart template.
π@cveNotify
Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.1 via the q parameter in the Kickstart template.
π@cveNotify
GitHub
GitHub - hamm0nz/CVE-2020-18324: Exploit PoC for CVE-2020-18324
Exploit PoC for CVE-2020-18324. Contribute to hamm0nz/CVE-2020-18324 development by creating an account on GitHub.
π¨ CVE-2020-18326
Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user.
π@cveNotify
Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user.
π@cveNotify
GitHub
GitHub - hamm0nz/CVE-2020-18326: Exploit PoC for CVE-2020-18326
Exploit PoC for CVE-2020-18326. Contribute to hamm0nz/CVE-2020-18326 development by creating an account on GitHub.
π¨ CVE-2021-41657
SmartBear CodeCollaborator v6.1.6102 was discovered to contain a vulnerability in the web UI which would allow an attacker to conduct a clickjacking attack.
π@cveNotify
SmartBear CodeCollaborator v6.1.6102 was discovered to contain a vulnerability in the web UI which would allow an attacker to conduct a clickjacking attack.
π@cveNotify
Gist
CVE-2021-41657
CVE-2021-41657. GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2021-44620
A Command Injection vulnerability exits in TOTOLINK A3100R <=V4.1.2cu.5050_B20200504 in adm/ntm.asp via the hosTime parameters.
π@cveNotify
A Command Injection vulnerability exits in TOTOLINK A3100R <=V4.1.2cu.5050_B20200504 in adm/ntm.asp via the hosTime parameters.
π@cveNotify
π¨ CVE-2021-45756
Asus RT-AC68U <3.0.0.4.385.20633 and RT-AC5300 <3.0.0.4.384.82072 are affected by a buffer overflow in blocking_request.cgi.
π@cveNotify
Asus RT-AC68U <3.0.0.4.385.20633 and RT-AC5300 <3.0.0.4.384.82072 are affected by a buffer overflow in blocking_request.cgi.
π@cveNotify
π¨ CVE-2021-45757
ASUS AC68U <=3.0.0.4.385.20852 is affected by a buffer overflow in blocking.cgi, which may cause a denial of service (DoS).
π@cveNotify
ASUS AC68U <=3.0.0.4.385.20852 is affected by a buffer overflow in blocking.cgi, which may cause a denial of service (DoS).
π@cveNotify
π¨ CVE-2021-46064
IrfanView 4.59 is vulnerable to buffer overflow via the function at address 0x413c70 (in 32bit version of the binary). The vulnerability triggers when the user opens malicious .tiff image.
π@cveNotify
IrfanView 4.59 is vulnerable to buffer overflow via the function at address 0x413c70 (in 32bit version of the binary). The vulnerability triggers when the user opens malicious .tiff image.
π@cveNotify
π¨ CVE-2022-26258
D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp.
π@cveNotify
D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp.
π@cveNotify
π¨ CVE-2021-46006
In Totolink A3100R V5.9c.4577, "test.asp" contains an API-like function, which is not authenticated. Using this function, an attacker can configure multiple settings without authentication.
π@cveNotify
In Totolink A3100R V5.9c.4577, "test.asp" contains an API-like function, which is not authenticated. Using this function, an attacker can configure multiple settings without authentication.
π@cveNotify
π¨ CVE-2021-46007
totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is executing the "ping" command, and the input field does not adequately filter special symbols. This can lead to command injection attacks.
π@cveNotify
totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is executing the "ping" command, and the input field does not adequately filter special symbols. This can lead to command injection attacks.
π@cveNotify
π¨ CVE-2021-46008
In totolink a3100r V5.9c.4577, the hard-coded telnet password can be discovered from official released firmware. An attacker, who has connected to the Wi-Fi, can easily telnet into the target with root shell if the telnet is function turned on.
π@cveNotify
In totolink a3100r V5.9c.4577, the hard-coded telnet password can be discovered from official released firmware. An attacker, who has connected to the Wi-Fi, can easily telnet into the target with root shell if the telnet is function turned on.
π@cveNotify
HackMD
CVE-2021-46008 - HackMD
π¨ CVE-2021-46009
In Totolink A3100R V5.9c.4577, multiple pages can be read by curl or Burp Suite without authentication. Additionally, admin configurations can be set without cookies.
π@cveNotify
In Totolink A3100R V5.9c.4577, multiple pages can be read by curl or Burp Suite without authentication. Additionally, admin configurations can be set without cookies.
π@cveNotify
HackMD
CVE-2021-46009 - HackMD
π¨ CVE-2021-46010
Totolink A3100R V5.9c.4577 suffers from Use of Insufficiently Random Values via the web configuration. The SESSION_ID is predictable. An attacker can hijack a valid session and conduct further malicious operations.
π@cveNotify
Totolink A3100R V5.9c.4577 suffers from Use of Insufficiently Random Values via the web configuration. The SESSION_ID is predictable. An attacker can hijack a valid session and conduct further malicious operations.
π@cveNotify
HackMD
CVE-2021-46010 - HackMD
π¨ CVE-2022-26250
Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated attackers to escalate privileges.
π@cveNotify
Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated attackers to escalate privileges.
π@cveNotify
Jeffrey Bencteux
Multiple vulnerabilities in Synametrics' Synaman
While doing a CTF box, I escalated privileges using an unintended path that led to the below discoveries.
Synametrics definition of Synaman:
βSynaMan - A Remote File Manager - Share large files with colleagues without compromising on security.β // mark thisβ¦
Synametrics definition of Synaman:
βSynaMan - A Remote File Manager - Share large files with colleagues without compromising on security.β // mark thisβ¦
π¨ CVE-2022-26251
The HTTP interface of Synaman v5.1 and below was discovered to allow authenticated attackers to execute arbitrary code and escalate privileges.
π@cveNotify
The HTTP interface of Synaman v5.1 and below was discovered to allow authenticated attackers to execute arbitrary code and escalate privileges.
π@cveNotify
Jeffrey Bencteux
Multiple vulnerabilities in Synametrics' Synaman
While doing a CTF box, I escalated privileges using an unintended path that led to the below discoveries.
Synametrics definition of Synaman:
βSynaMan - A Remote File Manager - Share large files with colleagues without compromising on security.β // mark thisβ¦
Synametrics definition of Synaman:
βSynaMan - A Remote File Manager - Share large files with colleagues without compromising on security.β // mark thisβ¦
π¨ CVE-2022-26643
An issue in EasyIO CPT Graphics v0.8 allows attackers to discover valid users in the application.
π@cveNotify
An issue in EasyIO CPT Graphics v0.8 allows attackers to discover valid users in the application.
π@cveNotify
Gist
CVE-2022-26643
CVE-2022-26643. GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2021-44595
Wondershare Dr. Fone Latest version as of 2021-12-06 is vulnerable to Incorrect Access Control. A normal user can send manually crafted packets to the ElevationService.exe and execute arbitrary code without any validation with SYSTEM privileges.
π@cveNotify
Wondershare Dr. Fone Latest version as of 2021-12-06 is vulnerable to Incorrect Access Control. A normal user can send manually crafted packets to the ElevationService.exe and execute arbitrary code without any validation with SYSTEM privileges.
π@cveNotify
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π¨ CVE-2021-44596
Wondershare LTD Dr. Fone as of 2021-12-06 version is affected by Remote code execution. Due to software design flaws an unauthenticated user can communicate over UDP with the "InstallAssistService.exe" service(the service is running under SYSTEM privileges) and manipulate it to execute malicious executable without any validation from a remote location and gain SYSTEM privileges
π@cveNotify
Wondershare LTD Dr. Fone as of 2021-12-06 version is affected by Remote code execution. Due to software design flaws an unauthenticated user can communicate over UDP with the "InstallAssistService.exe" service(the service is running under SYSTEM privileges) and manipulate it to execute malicious executable without any validation from a remote location and gain SYSTEM privileges
π@cveNotify
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π¨ CVE-2022-28568
Sourcecodester Doctor's Appointment System 1.0 is vulnerable to File Upload to RCE via Image upload from the administrator panel. An attacker can obtain remote command execution just by knowing the path where the images are stored.
π@cveNotify
Sourcecodester Doctor's Appointment System 1.0 is vulnerable to File Upload to RCE via Image upload from the administrator panel. An attacker can obtain remote command execution just by knowing the path where the images are stored.
π@cveNotify
GitHub
CVE/CVE-2022-28568 at main Β· b3nj1-1/CVE
Contribute to b3nj1-1/CVE development by creating an account on GitHub.
π¨ CVE-2022-29347
An arbitrary file upload vulnerability in Web@rchiv 1.0 allows attackers to execute arbitrary commands via a crafted PHP file.
π@cveNotify
An arbitrary file upload vulnerability in Web@rchiv 1.0 allows attackers to execute arbitrary commands via a crafted PHP file.
π@cveNotify
GitHub
MyOwnCVEs/CVE-2022-29347 at main Β· evildrummer/MyOwnCVEs
Repo of CVEs i submitted. Contribute to evildrummer/MyOwnCVEs development by creating an account on GitHub.
π¨ CVE-2021-43712
Stored XSS in Add New Employee Form in Sourcecodester Employee Daily Task Management System 1.0 Allows Remote Attacker to Inject/Store Arbitrary Code via the Name Field.
π@cveNotify
Stored XSS in Add New Employee Form in Sourcecodester Employee Daily Task Management System 1.0 Allows Remote Attacker to Inject/Store Arbitrary Code via the Name Field.
π@cveNotify
Medium
CVE-2021β43712 Stored XSS. How I got my first CVE
Hello, This is my first CVE Write-up, and also Personally the first CVE id Iβve received.