π¨ CVE-2022-26251
The HTTP interface of Synaman v5.1 and below was discovered to allow authenticated attackers to execute arbitrary code and escalate privileges.
π@cveNotify
The HTTP interface of Synaman v5.1 and below was discovered to allow authenticated attackers to execute arbitrary code and escalate privileges.
π@cveNotify
Jeffrey Bencteux
Multiple vulnerabilities in Synametrics' Synaman
While doing a CTF box, I escalated privileges using an unintended path that led to the below discoveries.
Synametrics definition of Synaman:
βSynaMan - A Remote File Manager - Share large files with colleagues without compromising on security.β // mark thisβ¦
Synametrics definition of Synaman:
βSynaMan - A Remote File Manager - Share large files with colleagues without compromising on security.β // mark thisβ¦
π¨ CVE-2022-26643
An issue in EasyIO CPT Graphics v0.8 allows attackers to discover valid users in the application.
π@cveNotify
An issue in EasyIO CPT Graphics v0.8 allows attackers to discover valid users in the application.
π@cveNotify
Gist
CVE-2022-26643
CVE-2022-26643. GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2021-44595
Wondershare Dr. Fone Latest version as of 2021-12-06 is vulnerable to Incorrect Access Control. A normal user can send manually crafted packets to the ElevationService.exe and execute arbitrary code without any validation with SYSTEM privileges.
π@cveNotify
Wondershare Dr. Fone Latest version as of 2021-12-06 is vulnerable to Incorrect Access Control. A normal user can send manually crafted packets to the ElevationService.exe and execute arbitrary code without any validation with SYSTEM privileges.
π@cveNotify
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π¨ CVE-2021-44596
Wondershare LTD Dr. Fone as of 2021-12-06 version is affected by Remote code execution. Due to software design flaws an unauthenticated user can communicate over UDP with the "InstallAssistService.exe" service(the service is running under SYSTEM privileges) and manipulate it to execute malicious executable without any validation from a remote location and gain SYSTEM privileges
π@cveNotify
Wondershare LTD Dr. Fone as of 2021-12-06 version is affected by Remote code execution. Due to software design flaws an unauthenticated user can communicate over UDP with the "InstallAssistService.exe" service(the service is running under SYSTEM privileges) and manipulate it to execute malicious executable without any validation from a remote location and gain SYSTEM privileges
π@cveNotify
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π¨ CVE-2022-28568
Sourcecodester Doctor's Appointment System 1.0 is vulnerable to File Upload to RCE via Image upload from the administrator panel. An attacker can obtain remote command execution just by knowing the path where the images are stored.
π@cveNotify
Sourcecodester Doctor's Appointment System 1.0 is vulnerable to File Upload to RCE via Image upload from the administrator panel. An attacker can obtain remote command execution just by knowing the path where the images are stored.
π@cveNotify
GitHub
CVE/CVE-2022-28568 at main Β· b3nj1-1/CVE
Contribute to b3nj1-1/CVE development by creating an account on GitHub.
π¨ CVE-2022-29347
An arbitrary file upload vulnerability in Web@rchiv 1.0 allows attackers to execute arbitrary commands via a crafted PHP file.
π@cveNotify
An arbitrary file upload vulnerability in Web@rchiv 1.0 allows attackers to execute arbitrary commands via a crafted PHP file.
π@cveNotify
GitHub
MyOwnCVEs/CVE-2022-29347 at main Β· evildrummer/MyOwnCVEs
Repo of CVEs i submitted. Contribute to evildrummer/MyOwnCVEs development by creating an account on GitHub.
π¨ CVE-2021-43712
Stored XSS in Add New Employee Form in Sourcecodester Employee Daily Task Management System 1.0 Allows Remote Attacker to Inject/Store Arbitrary Code via the Name Field.
π@cveNotify
Stored XSS in Add New Employee Form in Sourcecodester Employee Daily Task Management System 1.0 Allows Remote Attacker to Inject/Store Arbitrary Code via the Name Field.
π@cveNotify
Medium
CVE-2021β43712 Stored XSS. How I got my first CVE
Hello, This is my first CVE Write-up, and also Personally the first CVE id Iβve received.
π¨ CVE-2022-28932
D-Link DSL-G2452DG HW:T1\\tFW:ME_2.00 was discovered to contain insecure permissions.
π@cveNotify
D-Link DSL-G2452DG HW:T1\\tFW:ME_2.00 was discovered to contain insecure permissions.
π@cveNotify
π¨ CVE-2022-30014
Lumidek Associates Simple Food Website 1.0 is vulnerable to Cross Site Request Forgery (CSRF) which allows anyone to takeover admin/moderater account.
π@cveNotify
Lumidek Associates Simple Food Website 1.0 is vulnerable to Cross Site Request Forgery (CSRF) which allows anyone to takeover admin/moderater account.
π@cveNotify
GitHub
bugsdisclose/csrf at main Β· offsecin/bugsdisclose
Contribute to offsecin/bugsdisclose development by creating an account on GitHub.
π¨ CVE-2022-28944
Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network Inventory for Windows 5.8.22 and Network Software Scanner for Windows 2.0.8 and UnLock IT for Windows 6.1.1. The impact is: execute arbitrary code (remote). The component is: Updater. The attack vector is: To exploit this vulnerability, a user must trigger an update of an affected installation of EMCO Software. ΒΆΒΆ Multiple products from EMCO Software are affected by a remote code execution vulnerability during the update process.
π@cveNotify
Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network Inventory for Windows 5.8.22 and Network Software Scanner for Windows 2.0.8 and UnLock IT for Windows 6.1.1. The impact is: execute arbitrary code (remote). The component is: Updater. The attack vector is: To exploit this vulnerability, a user must trigger an update of an affected installation of EMCO Software. ΒΆΒΆ Multiple products from EMCO Software are affected by a remote code execution vulnerability during the update process.
π@cveNotify
GitHub
cve-2022-28944/cve-2022-28944_public-advisory.pdf at main Β· gar-re/cve-2022-28944
Contribute to gar-re/cve-2022-28944 development by creating an account on GitHub.
π¨ CVE-2022-29333
A vulnerability in CyberLink Power Director v14 allows attackers to escalate privileges via a crafted .exe file.
π@cveNotify
A vulnerability in CyberLink Power Director v14 allows attackers to escalate privileges via a crafted .exe file.
π@cveNotify
YouTube
CVE-2022-0354: Local Privilege Escalation - Lenovo Commerical Vantage
We abuse the way Lenovo rolls out specific legay packages to escalate an unprivileged user to system privleges by abusing the WIndows context menu of an opened Windows Command Shell Window.
The following packages are until known which are effected:
- Intelβ¦
The following packages are until known which are effected:
- Intelβ¦
π¨ CVE-2022-27305
Gibbon v23 does not generate a new session ID cookie after a user authenticates, making the application vulnerable to session fixation.
π@cveNotify
Gibbon v23 does not generate a new session ID cookie after a user authenticates, making the application vulnerable to session fixation.
π@cveNotify
GitHub
Session Vulnerability in Gibbon Core
In March 2022 the Gibbon team were alerted to a security vulnerability in the Gibbon Core. We have worked to identify and verify the fix and create a patch release of Gibbon, [v23.0.02](https://git...
π¨ CVE-2022-24238
ACEweb Online Portal 3.5.065 was discovered to contain a cross-site scripting (XSS) vulnerability via the txtNmName1 parameter in person.awp.
π@cveNotify
ACEweb Online Portal 3.5.065 was discovered to contain a cross-site scripting (XSS) vulnerability via the txtNmName1 parameter in person.awp.
π@cveNotify
π¨ CVE-2022-24239
ACEweb Online Portal 3.5.065 was discovered to contain an unrestricted file upload vulnerability via attachments.awp.
π@cveNotify
ACEweb Online Portal 3.5.065 was discovered to contain an unrestricted file upload vulnerability via attachments.awp.
π@cveNotify
π¨ CVE-2022-24240
ACEweb Online Portal 3.5.065 was discovered to contain a SQL injection vulnerability via the criteria parameter in showschedule.awp.
π@cveNotify
ACEweb Online Portal 3.5.065 was discovered to contain a SQL injection vulnerability via the criteria parameter in showschedule.awp.
π@cveNotify
π¨ CVE-2022-24241
ACEweb Online Portal 3.5.065 was discovered to contain an External Controlled File Path and Name vulnerability via the txtFilePath parameter in attachments.awp.
π@cveNotify
ACEweb Online Portal 3.5.065 was discovered to contain an External Controlled File Path and Name vulnerability via the txtFilePath parameter in attachments.awp.
π@cveNotify
π¨ CVE-2022-24581
ACEweb Online Portal 3.5.065 allows unauthenticated SMB hash capture via UNC. By specifying the UNC file path of an external SMB share when uploading a file, an attacker can induce the victim server to disclose the username and password hash of the user executing the ACEweb Online software.
π@cveNotify
ACEweb Online Portal 3.5.065 allows unauthenticated SMB hash capture via UNC. By specifying the UNC file path of an external SMB share when uploading a file, an attacker can induce the victim server to disclose the username and password hash of the user executing the ACEweb Online software.
π@cveNotify
π¨ CVE-2022-28945
An issue in Webbank WeCube v3.2.2 allows attackers to execute a directory traversal via a crafted ZIP file.
π@cveNotify
An issue in Webbank WeCube v3.2.2 allows attackers to execute a directory traversal via a crafted ZIP file.
π@cveNotify
GitHub
zip-slip Β· Issue #2324 Β· WeBankPartners/wecube-platform
θ§£εζδ»ΆζΆζͺε―Ή ../ θΏθ‘ζ ‘ιͺ DemoοΌ packagecom.sp.test; importorg.apache.commons.fileupload.FileItem; importorg.apache.commons.fileupload.FileItemFactory; importorg.apache.commons.fileupload.disk.DiskFileItemFa...
π¨ CVE-2022-27438
Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulnerability, a user must start an affected installation to trigger the update check.
π@cveNotify
Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulnerability, a user must start an affected installation to trigger the update check.
π@cveNotify
π¨ CVE-2021-42675
Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain remote code execution.
π@cveNotify
Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain remote code execution.
π@cveNotify
Twitter
vlynx
Kreado Kreasfero 1.5 allows file upload and execution lead to compromising the server with a webshell.
π¨ CVE-2022-30023
Tenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping function.
π@cveNotify
Tenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping function.
π@cveNotify
GitHub
GitHub - Haniwa0x01/CVE-2022-30023
Contribute to Haniwa0x01/CVE-2022-30023 development by creating an account on GitHub.