๐จ CVE-2024-23261
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.4, macOS Ventura 13.6.8. An attacker may be able to read information belonging to another user.
๐@cveNotify
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.7.6, macOS Sonoma 14.4, macOS Ventura 13.6.8. An attacker may be able to read information belonging to another user.
๐@cveNotify
seclists.org
Full Disclosure: APPLE-SA-07-29-2024-5 macOS Ventura 13.6.8
๐จ CVE-2024-4871
A vulnerability was found in Satellite. When running a remote execution job on a host, the host's SSH key is not being checked. When the key changes, the Satellite still connects it because it uses "-o StrictHostKeyChecking=no". This flaw can lead to a man-in-the-middle attack (MITM), denial of service, leaking of secrets the remote execution job contains, or other issues that may arise from the attacker's ability to forge an SSH key. This issue does not directly allow unauthorized remote execution on the Satellite, although it can leak secrets that may lead to it.
๐@cveNotify
A vulnerability was found in Satellite. When running a remote execution job on a host, the host's SSH key is not being checked. When the key changes, the Satellite still connects it because it uses "-o StrictHostKeyChecking=no". This flaw can lead to a man-in-the-middle attack (MITM), denial of service, leaking of secrets the remote execution job contains, or other issues that may arise from the attacker's ability to forge an SSH key. This issue does not directly allow unauthorized remote execution on the Satellite, although it can leak secrets that may lead to it.
๐@cveNotify
๐จ CVE-2024-35162
Path traversal vulnerability exists in Download Plugins and Themes from Dashboard versions prior to 1.8.6. If this vulnerability is exploited, a remote authenticated attacker with "switch_themes" privilege may obtain arbitrary files on the server.
๐@cveNotify
Path traversal vulnerability exists in Download Plugins and Themes from Dashboard versions prior to 1.8.6. If this vulnerability is exploited, a remote authenticated attacker with "switch_themes" privilege may obtain arbitrary files on the server.
๐@cveNotify
jvn.jp
JVN#85380030: WordPress Plugin "Download Plugins and Themes from Dashboard" vulnerable to path traversal
Japan Vulnerability Notes
๐จ CVE-2024-7306
A vulnerability, which was classified as critical, was found in SourceCodester Establishment Billing Management System 1.0. Affected is an unknown function of the file /manage_block.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-273198 is the identifier assigned to this vulnerability.
๐@cveNotify
A vulnerability, which was classified as critical, was found in SourceCodester Establishment Billing Management System 1.0. Affected is an unknown function of the file /manage_block.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-273198 is the identifier assigned to this vulnerability.
๐@cveNotify
Gist
sourcecodester_Establishment Billing Management System_SQL_INJECTION_6.md
GitHub Gist: instantly share code, notes, and snippets.
๐จ CVE-2024-33892
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are susceptible to leaking information through cookies. This is fixed in version 21.2s10 and 22.1s3
๐@cveNotify
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are susceptible to leaking information through cookies. This is fixed in version 21.2s10 and 22.1s3
๐@cveNotify
SySS Tech Blog
Hacking a Secure Industrial Remote Access Gateway
In this blog post, we describe the security analysis and the found vulnerabilities in the industrial remote access solution Ewon Cosy+.
๐จ CVE-2024-33893
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to XSS when displaying the logs due to improper input sanitization. This is fixed in version 21.2s10 and 22.1s3.
๐@cveNotify
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to XSS when displaying the logs due to improper input sanitization. This is fixed in version 21.2s10 and 22.1s3.
๐@cveNotify
SySS Tech Blog
Hacking a Secure Industrial Remote Access Gateway
In this blog post, we describe the security analysis and the found vulnerabilities in the industrial remote access solution Ewon Cosy+.
๐จ CVE-2024-33894
Insecure Permission vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are executing several processes with elevated privileges.
๐@cveNotify
Insecure Permission vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are executing several processes with elevated privileges.
๐@cveNotify
SySS Tech Blog
Hacking a Secure Industrial Remote Access Gateway
In this blog post, we describe the security analysis and the found vulnerabilities in the industrial remote access solution Ewon Cosy+.
๐จ CVE-2024-33895
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 use a unique key to encrypt the configuration parameters. This is fixed in version 21.2s10 and 22.1s3, the key is now unique per device.
๐@cveNotify
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 use a unique key to encrypt the configuration parameters. This is fixed in version 21.2s10 and 22.1s3, the key is now unique per device.
๐@cveNotify
SySS Tech Blog
Hacking a Secure Industrial Remote Access Gateway
In this blog post, we describe the security analysis and the found vulnerabilities in the industrial remote access solution Ewon Cosy+.
๐จ CVE-2024-33896
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to code injection due to improper parameter blacklisting. This is fixed in version 21.2s10 and 22.1s3.
๐@cveNotify
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to code injection due to improper parameter blacklisting. This is fixed in version 21.2s10 and 22.1s3.
๐@cveNotify
SySS Tech Blog
Hacking a Secure Industrial Remote Access Gateway
In this blog post, we describe the security analysis and the found vulnerabilities in the industrial remote access solution Ewon Cosy+.
๐จ CVE-2024-6966
A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file login.php of the component Login. The manipulation of the argument user/pass leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272120.
๐@cveNotify
A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file login.php of the component Login. The manipulation of the argument user/pass leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272120.
๐@cveNotify
GitHub
Itsourcecode "Online Blood Bank Management System" in PHP 1.0 "login.php" SQL injection ยท Issue #1 ยท HermesCui/CVE
Itsourcecode "Online Blood Bank Management System" in PHP 1.0 "login.php" SQL injection NAME OF AFFECTED PRODUCT(S) Online Blood Bank Management System" in PHP Vendor Homep...
๐จ CVE-2024-7303
A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /request.php of the component Send Blood Request Page. The manipulation of the argument Address/bloodgroup leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273185 was assigned to this vulnerability.
๐@cveNotify
A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /request.php of the component Send Blood Request Page. The manipulation of the argument Address/bloodgroup leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273185 was assigned to this vulnerability.
๐@cveNotify
GitHub
ItSourceCode 'Online Blood Bank Management System in PHP" Stored XSS ยท Issue #1 ยท cl4irv0yance/CVEs
Stored XSS in Online Blood Bank Management System V1.0 Affected Product Online Blood Bank Management System Vendor Homepage https://itsourcecode.com/free-projects/php-project/online-blood-bank-mana...
๐จ CVE-2024-7320
A vulnerability classified as critical has been found in itsourcecode Online Blood Bank Management System 1.0. This affects an unknown part of the file /admin/index.php of the component Admin Login. The manipulation of the argument user leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273231.
๐@cveNotify
A vulnerability classified as critical has been found in itsourcecode Online Blood Bank Management System 1.0. This affects an unknown part of the file /admin/index.php of the component Admin Login. The manipulation of the argument user leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273231.
๐@cveNotify
GitHub
Itsourcecode Online Blood Bank Management Authentication Bypass via SQL Injection to User page and Admin Console ยท Issue #3 ยท โฆ
Itsourcecode Online Blood Bank Management Authentication Bypass via SQL Injection to User page and Admin Console Affected Product Online Blood Bank Management System in PHP with Source Code Vendor ...
๐จ CVE-2024-7321
A vulnerability classified as problematic was found in itsourcecode Online Blood Bank Management System 1.0. This vulnerability affects unknown code of the file signup.php of the component User Registration Handler. The manipulation of the argument user leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273232.
๐@cveNotify
A vulnerability classified as problematic was found in itsourcecode Online Blood Bank Management System 1.0. This vulnerability affects unknown code of the file signup.php of the component User Registration Handler. The manipulation of the argument user leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273232.
๐@cveNotify
GitHub
ItSourceCode Stored XSS via User Registration ยท Issue #4 ยท cl4irv0yance/CVEs
Stored XSS in Online Blood Bank Management System V1.0 Affected Product Online Blood Bank Management System Vendor Homepage https://itsourcecode.com/free-projects/php-project/online-blood-bank-mana...
๐จ CVE-2024-7285
A vulnerability has been found in SourceCodester Establishment Billing Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/ajax.php?action=save_settings. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273154 is the identifier assigned to this vulnerability.
๐@cveNotify
A vulnerability has been found in SourceCodester Establishment Billing Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/ajax.php?action=save_settings. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273154 is the identifier assigned to this vulnerability.
๐@cveNotify
Gist
sourcecodester_Establishment Billing Management System_XSS_1.md
GitHub Gist: instantly share code, notes, and snippets.
๐จ CVE-2024-24721
An issue was discovered on Innovaphone PBX before 14r1 devices. The password form, used to authenticate, allows a Brute Force Attack through which an attacker may be able to access the administration panel
๐@cveNotify
An issue was discovered on Innovaphone PBX before 14r1 devices. The password form, used to authenticate, allows a Brute Force Attack through which an attacker may be able to access the administration panel
๐@cveNotify
๐จ CVE-2024-26476
An issue in open-emr before v.7.0.2 allows a remote attacker to escalate privileges via a crafted script to the formid parameter in the ereq_form.php component.
๐@cveNotify
An issue in open-emr before v.7.0.2 allows a remote attacker to escalate privileges via a crafted script to the formid parameter in the ereq_form.php component.
๐@cveNotify
GitHub
Research/openemr_BlindSSRF/README.md at main ยท c4v4r0n/Research
Contribute to c4v4r0n/Research development by creating an account on GitHub.
๐จ CVE-2024-31201
A โCWE-428: Unquoted Search Path or Elementโ affects the ThermoscanIP_Scrutation service. Such misconfiguration could be abused in scenarios where incorrect permissions were assigned to the C:\ path to attempt a privilege escalation on the local machine.
๐@cveNotify
A โCWE-428: Unquoted Search Path or Elementโ affects the ThermoscanIP_Scrutation service. Such misconfiguration could be abused in scenarios where incorrect permissions were assigned to the C:\ path to attempt a privilege escalation on the local machine.
๐@cveNotify
Nozominetworks
CVE-2024-31201 | Nozomi Networks Labs
A โCWE-428: Unquoted Search Path or Elementโ affects the ThermoscanIP_Scrutation service. Such misconfiguration could be abused in scenarios where incorrect permissions were assigned to the C:\ path to attempt a privilege escalation on the local machine.CVEโฆ
๐จ CVE-2024-31202
A โCWE-732: Incorrect Permission Assignment for Critical Resourceโ in the ThermoscanIP installation folder allows a local attacker to perform a Local Privilege Escalation.
๐@cveNotify
A โCWE-732: Incorrect Permission Assignment for Critical Resourceโ in the ThermoscanIP installation folder allows a local attacker to perform a Local Privilege Escalation.
๐@cveNotify
Nozominetworks
CVE-2024-31202 | Nozomi Networks Labs
A โCWE-732: Incorrect Permission Assignment for Critical Resourceโ in the ThermoscanIP installation folder allows a local attacker to perform a Local Privilege Escalation.CVE-2024-31202
๐จ CVE-2024-31203
A โCWE-121: Stack-based Buffer Overflowโ in the wd210std.dll dynamic library packaged with the ThermoscanIP installer allows a local attacker to possibly trigger a Denial-of-Service (DoS) condition on the target component.
๐@cveNotify
A โCWE-121: Stack-based Buffer Overflowโ in the wd210std.dll dynamic library packaged with the ThermoscanIP installer allows a local attacker to possibly trigger a Denial-of-Service (DoS) condition on the target component.
๐@cveNotify
Nozominetworks
CVE-2024-31203 | Nozomi Networks Labs
A โCWE-121: Stack-based Buffer Overflowโ in the wd210std.dll dynamic library packaged with the ThermoscanIP installer allows a local attacker to possibly trigger a Denial-of-Service (DoS) condition on the target component.CVE-2024-31203
๐จ CVE-2024-36424
K7RKScan.sys in K7 Ultimate Security before 17.0.2019 allows local users to cause a denial of service (BSOD) because of a NULL pointer dereference.
๐@cveNotify
K7RKScan.sys in K7 Ultimate Security before 17.0.2019 allows local users to cause a denial of service (BSOD) because of a NULL pointer dereference.
๐@cveNotify
๐จ CVE-2024-39227
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a shell injection vulnerability via the interface check_ovpn_client_config.
๐@cveNotify
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, and XE3000/X3000 v4.4 were discovered to contain a shell injection vulnerability via the interface check_ovpn_client_config.
๐@cveNotify