WordPress Download Manager plugin version 2.5 suffers from a cross site request forgery vulnerability.
58e3b458c52034c477dbf9b651b09d13ff7a413e2aa31b8441da3d6d7cae52aaMicrosoft Windows 10 AppXSvc Deployment Service suffers from an arbitrary file deletion vulnerability.
72b21b887fdaa771bef3dfbaefc0a0d012473baae240a34144842086d8053895OmniDoc version 7.0 suffers from an improper input validation vulnerability.
f16dd328f69cbae01f93495f5a2b25c1289982797bb8c8a0aa629f20450b3dd9NSKeyedUnarchiver suffers from an information leak when decoding the SGBigUTF8String class using [SGBigUTF8String initWithCoder:]. This class initializes the string using [SGBigUTF8String initWithUTF8DataNullTerminated:] even though there is no guarantee the bytes provided to the decoder are null terminated. It should use [SGBigUTF8String initWithUTF8Data:] instead.
350595d4b62128692b25160fd0dc54b6e14a6ff528c3e77b5bce0cd7797ace73msctf in the Text Services Framework suffers from multiple design flaws that can lead to things like UIPI bypass and interfering with processes.
0e5628d9aca7d795d63bbbab493631e98a1f4027dfdef9907adbf02de03caa93TortoiseSVN version 1.12.1 suffers from a remote code execution vulnerability.
7e7d80f13a763bb28d6179a37710796495582ad72b220cfc0e6f440024a5da17AZORult Botnet suffers from a remote SQL injection vulnerability.
469889ddfa69bafe60fe32f98ce19ce8ec74341567256eeb13fbf11ef947b108Agent Tesla Botnet arbitrary code execution exploit.
529d49ea1f81a720d799b9d75872ba6cfcf6de75e2d0c8f31bd41bb66b8f2285Steam Windows client local privilege escalation exploit.
89ca2ff3f2c0c57bb797a14d09c01bdea1538a1f9385b2550537aef36572f92dWebKit suffers from a universal cross site scripting vulnerability via XSLT and nested document replacements.
abc82a98542f87bc9b86b25a54fdb246cadf7b93e9bfa89e200caa30e3415461This Metasploit module exploits SQL injection and command injection vulnerabilities in the ManageEngine Application Manager versions 14.2 and below.
e517b45142b3447dbab8ec2a891e10876f6c09291a138de7f5a84363ffe2c8c1Joomla JS Support Ticket component version 1.1.6 suffers from a remote SQL injection vulnerability in ticketreply.php.
213a017be91f4b2105974e537a709ecfaac01e0035d2ac7a0770e99035de9811BSI Advance Hotel Booking System version 2.0 suffers from a persistent cross site scripting vulnerability in booking_details.php.
49c2147b939ccb27aedc41a4220c7bb4bf089ba4d835ba734eb893216bbf0d60This Metasploit module exploits SQL injection and command injection vulnerability in the OpManager versions 12.4.034 and below.
fc57c3cfc093c3e5df0726909ea0618e1444102b4b8d154f2216ed157bc46225VxWorks version 6.8 suffers from an integer underflow vulnerability.
1f311cc4d1a16d238fc837c326c95ed3d599ea7c826e3ecb1485e5e7136216e4This Metasploit module bypasses the user password requirement in the OpManager versions 12.4.034 and below. It performs authentication bypass and executes commands on the server.
0b10df1665aeb6bf150dfd60da9fbbcaa339ab52f578cd7f8af7b97ef10ca2a8This Metasploit module exploits an arbitrary command execution vulnerability in Webmin versions 1.920 and below. If the password change module is turned on, the unauthenticated user can execute arbitrary commands with root privileges.
ec772fb6a45fb88e2351faaab0600ee20a86b66126a1ccf91608cd56b9347361Joomla JS Support Ticket component version 1.1.6 suffers from an arbitrary file deletion vulnerability in ticket.php.
94e89c0d5467b5113ad4752d8b9da422373f83bd3bae56e8e65bb7406649eb1fUNA version 10.0.0 RC1 suffers from a persistent cross site scripting vulnerability in polyglot.php.
e5256b578b274aaf68a41ee33a072fae920639e4f32a32ad3e061c9f3af6ca4bThis Metasploit module exploits a security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without authentication by using directory traversal techniques.
ccf085e5a044cb918fae95c5556ebbf021851f7abfb9c7fab3ef667e68647642Joomla JS Jobs component version 1.2.5 suffers from a remote SQL injection vulnerability in cities.php.
c7ddd9531942beee708545b44d1c7185102db12d2f392709e7f60afad09b689dGhidra (Linux) version 9.0.4 suffers from a .gar related arbitrary code execution vulnerability.
d8d7c325d350b463017b38852324eca682609da29b6f5b3ea847494efb0bee38An issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. Stored XSS exists in setup/install.php. It was observed that no input sanitization was provided in the firstname and lastname fields of the application. The insertion of malicious queries in those fields leads to the execution of those queries. This can further lead to cookie stealing or other malicious actions.
dc220c23a64f7b236d2f7baa4ca8dc155587a9cce117ae9421edbe0cba0f0abfAn issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. CSV (aka Formula) injection exists in the export spreadsheets functionality. These spreadsheets are generated dynamically from unvalidated or unfiltered user input in the Name and Internal Notes fields in the Users tab, and the Issue Summary field in the tickets tab. This allows other agents to download data in a .csv file format or .xls file format. This is used as input for spreadsheet applications such as Excel and OpenOffice Calc, resulting in a situation where cells in the spreadsheets can contain input from an untrusted source. As a result, the end user who is accessing the exported spreadsheet can be affected.
f150397a7968594c609552a20ed91f7b52515c65949278adcf1bdbf3c538e6deAn issue was discovered in osTicket versions before 1.10.7 and 1.12.x before 1.12.1. The Ticket creation form allows users to upload files along with queries. It was found that the file-upload functionality has fewer (or no) mitigations implemented for file content checks; also, the output is not handled properly, causing persistent XSS that leads to cookie stealing or malicious actions.
4aa6bca41dc1a9b95104a9962adaf6cfeb18342762584bfa43d2b396f68308c2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed