🚨 CVE-2024-33988
Cross-Site Scripting (XSS) vulnerability in School Attendance Monitoring System and School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain details of their session cookie via the 'Attendance', 'attenddate' and 'YearLevel' parameters in '/report/attendance_print.php'.
@cveNotify
Reference: www.incibe.es – Multiple vulnerabilities in Janobe products
🚨 CVE-2024-33989
Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted javascript payload to an authenticated user and partially take over their browser session via the 'eventdate' and 'events' parameters in 'port/event_print.php'.
🚨 CVE-2024-33990
Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted javascript payload to an authenticated user and partially take over their browser session via the 'id' and 'view' parameters in '/user/index.php'.
🚨 CVE-2024-33991
Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the 'view' parameter in '/eventwinner/index.php'.
🚨 CVE-2024-33992
Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the 'view' parameter in '/student/index.php'.
🚨 CVE-2024-33993
Cross-Site Scripting (XSS) vulnerability in School Event Management System affecting version 1.0. An attacker could create a specially crafted URL and send it to a victim to obtain their session details via the 'view' parameter in '/candidate/index.php'.
🚨 CVE-2023-6696
The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 4.3.1. While some functions contain a nonce check, the nonce can be obtained from the profile page of a logged-in user. This allows subscribers to perform several actions, including deleting subscribers and performing blind Server-Side Request Forgery.
🚨 CVE-2024-37343
There is a cross-site scripting vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.06. Attackers with valid tunnel credentials can pass a limited-length script to the administrative console which is then temporarily stored where an administrator using a non-default configuration could click on it while the attacker has a valid tunnel session with the server. The scope is unchanged, there is no loss of confidentiality. Impact to system availability is none, impact to system integrity is high.
Reference: Absolute Security – CVE-2024-37343 | Secure Access 13.06 (Cross-site scripting vulnerability in the Secure Access administrative console prior to 13.06)
🚨 CVE-2024-37344
There is a cross-site scripting vulnerability in the Policy management UI of Absolute Secure Access prior to version 13.06. Attackers with system administrator permissions can interfere with another system administrator's use of the policy management UI when the administrators are editing the same policy object. The scope is unchanged, there is no loss of confidentiality. Impact to system availability is none, impact to system integrity is high.
Reference: Absolute Security – CVE-2024-37344 | Secure Access 13.06 (Cross-site scripting vulnerability in the Secure Access administrative console prior to 13.06)
🚨 CVE-2024-37345
There is a cross-site scripting vulnerability in the Secure Access administrative UI of Absolute Secure Access prior to version 13.06. Attackers can pass a limited-length script to the administrative UI which is then stored where an administrator can access it. The scope is unchanged, there is no loss of confidentiality. Impact to system availability is none, impact to system integrity is high.
Reference: Absolute Security – CVE-2024-37345 | Secure Access 13.06 (Cross-site scripting vulnerability in the Secure Access administrative console prior to 13.06)
🚨 CVE-2024-37347
There is a cross-site scripting vulnerability in the pool configuration component of the management UI of Absolute Secure Access prior to 13.06. Attackers with system administrator permissions can pass a limited-length script to be run by another administrator. The scope is unchanged, there is no loss of confidentiality. Impact to system integrity is high, impact to system availability is none.
Reference: Absolute Security – CVE-2024-37347 | Secure Access 13.06 (Cross-site scripting vulnerability in the Secure Access administrative console prior to 13.06)
🚨 CVE-2024-7212
A vulnerability, which was classified as critical, has been found in TOTOLINK A7000R 9.1.0u.6268_B20220504. This issue affects the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-272783. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
🚨 CVE-2024-7217
A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been declared as critical. This vulnerability affects the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272788. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
🚨 CVE-2024-5745
A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/product/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-267414 is the identifier assigned to this vulnerability.
Reference: GitHub – L1OudFd8cl09/CVE, file CVE/07_06_2024_a.md (main branch)
🚨 CVE-2013-0346
Apache Tomcat 7.x uses world-readable permissions for the log directory and its files, which might allow local users to obtain sensitive information by reading a file. NOTE: One Tomcat distributor has stated "The tomcat log directory does not contain any sensitive information."
🚨 CVE-2024-20005
In da, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355599; Issue ID: ALPS08355599.
Reference: MediaTek – March 2024
🚨 CVE-2024-20027
In da, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS08541633.
Reference: MediaTek – March 2024
🚨 CVE-2024-27564
A Server-Side Request Forgery (SSRF) in pictureproxy.php of ChatGPT commit f9f4bbc allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the url parameter.
Reference: GitHub – dirk1983/deepseek, Issue #114: "SSRF vulnerability in `pictureproxy.php` File" (affected vendor: https://github.com/dirk1983/chatgpt, release f9f4bbc, PHP version 7.x)
🚨 CVE-2023-49979
A directory listing vulnerability in Customer Support System v1 allows attackers to list directories and sensitive files within the application without requiring authorization.
Reference: GitHub – geraldoalcantara/CVE-2023-49979: Best Student Management System v1.0 - Incorrect Access Control - Directory Listing
🚨 CVE-2024-2053
The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the "www-data" user. This issue was demonstrated on version 4.50. The Artica-Proxy administrative web application attempts to prevent local file inclusion. These protections can be bypassed, and arbitrary file requests supplied by unauthenticated users will be returned according to the privileges of the "www-data" user.
Reference: seclists.org – Full Disclosure: KL-001-2024-001: Artica Proxy Unauthenticated LFI Protection Bypass Vulnerability
🚨 CVE-2024-22724
An issue was discovered in osCommerce v4 which allows local attackers to bypass file upload restrictions and execute arbitrary code via the administrator profile photo upload feature.
Reference: GitHub – osCommerce/osCommerce-V4, Issue #62: "Security Issues in osCommerce v4" (RCE via file upload bypass)