๐จ CVE-2023-3267
When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with system-level access to the CyberPower PowerPanel Enterprise server.
๐@cveNotify
When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with system-level access to the CyberPower PowerPanel Enterprise server.
๐@cveNotify
Trellix
The Threat Lurking in Data Centers โ Hack Power Management Systems, Take All the Power
The world has become increasingly reliant on data and the data center infrastructure that supports the foundation of our internet services.
๐จ CVE-2023-3266
A non-feature complete authentication mechanism exists in the production application allowing an attacker to bypass all authentication checks if LDAP authentication is selected.An unauthenticated attacker can leverage this vulnerability to log in to the CypberPower PowerPanel Enterprise as an administrator by selecting LDAP authentication from a hidden HTML combo box. Successful exploitation of this vulnerability also requires the attacker to know at least one username on the device, but any password will authenticate successfully.
๐@cveNotify
A non-feature complete authentication mechanism exists in the production application allowing an attacker to bypass all authentication checks if LDAP authentication is selected.An unauthenticated attacker can leverage this vulnerability to log in to the CypberPower PowerPanel Enterprise as an administrator by selecting LDAP authentication from a hidden HTML combo box. Successful exploitation of this vulnerability also requires the attacker to know at least one username on the device, but any password will authenticate successfully.
๐@cveNotify
Trellix
The Threat Lurking in Data Centers โ Hack Power Management Systems, Take All the Power
The world has become increasingly reliant on data and the data center infrastructure that supports the foundation of our internet services.
๐จ CVE-2023-3265
An authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters from the username, allowing an attacker to login into the application with the default user "cyberpower" by appending a non-printable character.An unauthenticated attacker can leverage this vulnerability to log in to the CypberPower PowerPanel Enterprise as an administrator with hardcoded default credentials.
๐@cveNotify
An authentication bypass exists on CyberPower PowerPanel Enterprise by failing to sanitize meta-characters from the username, allowing an attacker to login into the application with the default user "cyberpower" by appending a non-printable character.An unauthenticated attacker can leverage this vulnerability to log in to the CypberPower PowerPanel Enterprise as an administrator with hardcoded default credentials.
๐@cveNotify
Trellix
The Threat Lurking in Data Centers โ Hack Power Management Systems, Take All the Power
The world has become increasingly reliant on data and the data center infrastructure that supports the foundation of our internet services.
๐จ CVE-2023-3264
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass in the REST API due to the mishandling of special characters when parsing credentials.Successful exploitation allows the malicious agent to obtain a valid authorization token and read information relating to the state of the relays and power distribution.
๐@cveNotify
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass in the REST API due to the mishandling of special characters when parsing credentials.Successful exploitation allows the malicious agent to obtain a valid authorization token and read information relating to the state of the relays and power distribution.
๐@cveNotify
Trellix
The Threat Lurking in Data Centers โ Hack Power Management Systems, Take All the Power
The world has become increasingly reliant on data and the data center infrastructure that supports the foundation of our internet services.
๐จ CVE-2023-3263
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass in the REST API due to the mishandling of special characters when parsing credentials.Successful exploitation allows the malicious agent to obtain a valid authorization token and read information relating to the state of the relays and power distribution.
๐@cveNotify
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass in the REST API due to the mishandling of special characters when parsing credentials.Successful exploitation allows the malicious agent to obtain a valid authorization token and read information relating to the state of the relays and power distribution.
๐@cveNotify
Trellix
The Threat Lurking in Data Centers โ Hack Power Management Systems, Take All the Power
The world has become increasingly reliant on data and the data center infrastructure that supports the foundation of our internet services.
๐จ CVE-2023-4321
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.4.3.
๐@cveNotify
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.4.3.
๐@cveNotify
GitHub
prevent xhtml files from being uploaded in the assets manager ยท Cockpit-HQ/Cockpit@34ab31e
Cockpit Core - Content Platform. Contribute to Cockpit-HQ/Cockpit development by creating an account on GitHub.
๐จ CVE-2023-3160
The vulnerability potentially allows an attacker to misuse ESETโs file operations during the module update to delete or move files without having proper permissions.
๐@cveNotify
The vulnerability potentially allows an attacker to misuse ESETโs file operations during the module update to delete or move files without having proper permissions.
๐@cveNotify
๐จ CVE-2023-37847
novel-plus v3.6.2 was discovered to contain a SQL injection vulnerability.
๐@cveNotify
novel-plus v3.6.2 was discovered to contain a SQL injection vulnerability.
๐@cveNotify
Xxyopen
ๅฐ่ฏด็ฒพๅๅฑ-GitHubๅผๆบๅฐ่ฏด็ณป็ป
ๅฐ่ฏด็ฒพๅๅฑๆฏไธๅฅๅผๆบๅ
่ดน็ๅฐ่ฏด็ณป็ป,ๅบไบJAVA่ฏญ่จๅผๅ,ๅ
ๆฌๅญฆไน ็ใๅบ็จ็ๅๅพฎๆๅก็็ญ,ๆฏๅๅๆๅญฆใไนฆๅบๅๅฐ่ฏด็ฝ็ซ็ๅปบ็ซ้ฆ้.
๐จ CVE-2022-22528
SAP Adaptive Server Enterprise (ASE) - version 16.0, installation makes an entry in the system PATH environment variable in Windows platform which, under certain conditions, allows a Standard User to execute malicious Windows binaries which may lead to privilege escalation on the local system. The issue is with the ASE installer and does not impact other ASE binaries.
๐@cveNotify
SAP Adaptive Server Enterprise (ASE) - version 16.0, installation makes an entry in the system PATH environment variable in Windows platform which, under certain conditions, allows a Standard User to execute malicious Windows binaries which may lead to privilege escalation on the local system. The issue is with the ASE installer and does not impact other ASE binaries.
๐@cveNotify
๐จ CVE-2022-28771
Due to missing authentication check, SAP Business one License service API - version 10.0 allows an unauthenticated attacker to send malicious http requests over the network. On successful exploitation, an attacker can break the whole application making it inaccessible.
๐@cveNotify
Due to missing authentication check, SAP Business one License service API - version 10.0 allows an unauthenticated attacker to send malicious http requests over the network. On successful exploitation, an attacker can break the whole application making it inaccessible.
๐@cveNotify
๐จ CVE-2023-39006
The Crash Reporter (crash_reporter.php) component of OPNsense before 23.7 mishandles input sanitization.
๐@cveNotify
The Crash Reporter (crash_reporter.php) component of OPNsense before 23.7 mishandles input sanitization.
๐@cveNotify
Security Audits, Penetration Tests - LogicalTrust
LogicalTrust - [EN] A-Z: OPNsense - Penetration Test
Recently we performed a non-profit penetration test of OPNsense - an open source, FreeBSD based firewall and routing platform with ~51.47K active instances according to censys.io. The assessment was focused on web GUI and API as well as some parts of theโฆ
๐จ CVE-2022-28773
Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial of service, but can be restarted automatically.
๐@cveNotify
Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial of service, but can be restarted automatically.
๐@cveNotify
๐จ CVE-2022-31595
SAP Financial Consolidation - version 1010,?does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
๐@cveNotify
SAP Financial Consolidation - version 1010,?does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
๐@cveNotify
๐จ CVE-2023-1119
The WP-Optimize WordPress plugin before 3.2.13, SrbTransLatin WordPress plugin before 2.4.1 use a third-party library that removes the escaping on some HTML characters, leading to a cross-site scripting vulnerability.
๐@cveNotify
The WP-Optimize WordPress plugin before 3.2.13, SrbTransLatin WordPress plugin before 2.4.1 use a third-party library that removes the escaping on some HTML characters, leading to a cross-site scripting vulnerability.
๐@cveNotify
WPScan
Multiple Plugins - Cross-Site Scripting From Third-party Library
See details on Multiple Plugins - Cross-Site Scripting From Third-party Library CVE 2023-1119. View the latest Plugin Vulnerabilities on WPScan.
๐จ CVE-2023-35871
The SAP Web Dispatcher - versions WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.85, WEBDISP 7.89, WEBDISP 7.91, WEBDISP 7.92, WEBDISP 7.93, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KRNL64UC 7.53, HDB 2.00, XS_ADVANCED_RUNTIME 1.00, SAP_EXTENDED_APP_SERVICES 1, has a vulnerability that can be exploited by an unauthenticated attacker to cause memory corruption through logical errors in memory management this may leads to information disclosure or system crashes, which can have low impact on confidentiality and high impact on the integrity and availability of the system.
๐@cveNotify
The SAP Web Dispatcher - versions WEBDISP 7.53, WEBDISP 7.54, WEBDISP 7.77, WEBDISP 7.85, WEBDISP 7.89, WEBDISP 7.91, WEBDISP 7.92, WEBDISP 7.93, KERNEL 7.53, KERNEL 7.54 KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KRNL64UC 7.53, HDB 2.00, XS_ADVANCED_RUNTIME 1.00, SAP_EXTENDED_APP_SERVICES 1, has a vulnerability that can be exploited by an unauthenticated attacker to cause memory corruption through logical errors in memory management this may leads to information disclosure or system crashes, which can have low impact on confidentiality and high impact on the integrity and availability of the system.
๐@cveNotify
๐จ CVE-2023-37728
IceWarp v10.2.1 was discovered to contain cross-site scripting (XSS) vulnerability via the color parameter.
๐@cveNotify
IceWarp v10.2.1 was discovered to contain cross-site scripting (XSS) vulnerability via the color parameter.
๐@cveNotify
Medium
CVE-2023โ37728
Introduction:
๐จ CVE-2023-26961
Alteryx Server 2022.1.1.42590 does not employ file type verification for uploaded files. This vulnerability allows attackers to upload arbitrary files by changing the extension of the uploaded file.
๐@cveNotify
Alteryx Server 2022.1.1.42590 does not employ file type verification for uploaded files. This vulnerability allows attackers to upload arbitrary files by changing the extension of the uploaded file.
๐@cveNotify
Alteryx
AI Data Analytics Platform | Alteryx
Automate data workflows, reduce manual work, and deliver insights faster with Alteryx One. Integrates with Snowflake, Databricks, and BI tools.
๐จ CVE-2023-4219
A vulnerability was found in SourceCodester Doctors Appointment System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument useremail leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-236365 was assigned to this vulnerability.
๐@cveNotify
A vulnerability was found in SourceCodester Doctors Appointment System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument useremail leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-236365 was assigned to this vulnerability.
๐@cveNotify
๐จ CVE-2023-36344
An issue in Diebold Nixdorf Vynamic View Console v.5.3.1 and before allows a local attacker to execute arbitrary code via not restricting the search path for required DLLs and not verifying the signature.
๐@cveNotify
An issue in Diebold Nixdorf Vynamic View Console v.5.3.1 and before allows a local attacker to execute arbitrary code via not restricting the search path for required DLLs and not verifying the signature.
๐@cveNotify
Dieboldnixdorf
Vynamicยฎ View | Availability Management for Banking | Diebold Nixdorf
With end-to-end availability management and remote-resolution capability, Vynamicโข View delivers consistent, reliable operations according to your organizationโs individual priorities.
๐จ CVE-2020-36024
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.
๐@cveNotify
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::convertToType1 function.
๐@cveNotify
GitLab
NULL-Pointer Deference in `FoFiType1C::convertToType1` (#1016) ยท Issues ยท poppler / poppler ยท GitLab
Version: 20.12.1 Commit: e1f56258 How to reproduce: ./pdftops ./poc...
๐จ CVE-2020-36023
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function.
๐@cveNotify
An issue was discovered in freedesktop poppler version 20.12.1, allows remote attackers to cause a denial of service (DoS) via crafted .pdf file to FoFiType1C::cvtGlyph function.
๐@cveNotify
GitLab
Stack-Overflow in `FoFiType1C::cvtGlyph` results in Segmentation Fault (#1013) ยท Issues ยท poppler / poppler ยท GitLab
Version: 20.12.1 Commit: e1f56258 How to reproduce: ./pdftops ./poc...