misc updates
parent
47b2395031
commit
ac68ef0e9a
|
@ -6,7 +6,7 @@ info:
|
|||
description: The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter.
|
||||
severity: high
|
||||
tags: joomla,sqli,cve,cve2018
|
||||
reference: |
|
||||
reference:
|
||||
- http://packetstormsecurity.com/files/161683/Joomla-JCK-Editor-6.4.4-SQL-Injection.html
|
||||
- https://www.exploit-db.com/exploits/45423/
|
||||
|
||||
|
|
|
@ -5,8 +5,8 @@ info:
|
|||
author: 0x_Akoko
|
||||
severity: high
|
||||
description: |
|
||||
Directory traversal vulnerability in Microstrategy Web, version 7, in "/WebMstr7/servlet/mstrWeb" (in the parameter subpage)
|
||||
allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /..
|
||||
Directory traversal vulnerability in Microstrategy Web, version 7, in "/WebMstr7/servlet/mstrWeb" (in the parameter subpage)
|
||||
allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /..
|
||||
(slash dot dot) in a pathname used by a web application. NOTE: this is a deprecated product.
|
||||
reference: https://www.exploit-db.com/exploits/45755
|
||||
tags: microstrategy,lfi
|
||||
|
|
|
@ -4,9 +4,9 @@ info:
|
|||
author: princechaddha
|
||||
severity: high
|
||||
description: |
|
||||
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and
|
||||
MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass
|
||||
authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides
|
||||
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and
|
||||
MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass
|
||||
authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides
|
||||
credentials within JSON data in a response.
|
||||
reference:
|
||||
- http://misteralfa-hack.blogspot.cl/2018/04/tbk-vision-dvr-login-bypass.html
|
||||
|
|
|
@ -4,9 +4,9 @@ info:
|
|||
name: PhastPress < 1.111 - Open Redirect
|
||||
author: 0x_Akoko
|
||||
description: |
|
||||
There is an open redirect in the PhastPress WordPress plugin before 1.111 that allows an attacker to malform a request to a page
|
||||
with the plugin and then redirect the victim to a malicious page. There is also a support comment from another user one year
|
||||
ago (https://wordpress.org/support/topic/phast-php-used-for-remote-fetch/) that says that the php involved in the request only
|
||||
There is an open redirect in the PhastPress WordPress plugin before 1.111 that allows an attacker to malform a request to a page
|
||||
with the plugin and then redirect the victim to a malicious page. There is also a support comment from another user one year
|
||||
ago (https://wordpress.org/support/topic/phast-php-used-for-remote-fetch/) that says that the php involved in the request only
|
||||
go to whitelisted pages but it's possible to redirect the victim to any domain.
|
||||
reference: https://wpscan.com/vulnerability/9b3c5412-8699-49e8-b60c-20d2085857fb
|
||||
severity: low
|
||||
|
|
|
@ -4,8 +4,8 @@ info:
|
|||
name: Real Estate 7 WordPress Theme < 3.1.1 - Unauthenticated Reflected XSS
|
||||
author: suman_kar
|
||||
description: |
|
||||
The WP Pro Real Estate 7 WordPress theme before 3.1.1 did not properly sanitise the ct_community parameter
|
||||
in its search listing page before outputting it back in it, leading to a reflected Cross-Site Scripting which
|
||||
The WP Pro Real Estate 7 WordPress theme before 3.1.1 did not properly sanitise the ct_community parameter
|
||||
in its search listing page before outputting it back in it, leading to a reflected Cross-Site Scripting which
|
||||
can be triggered in both unauthenticated or authenticated user context
|
||||
severity: medium
|
||||
tags: cve,cve2021,xss,wordpress
|
||||
|
|
|
@ -5,8 +5,8 @@ info:
|
|||
name: Pre-auth RCE in ForgeRock OpenAM
|
||||
description: |
|
||||
ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages.
|
||||
The exploitation does not require authentication, and remote code execution can be triggered by sending a single crafted
|
||||
/ccversion/* request to the server. The vulnerability exists due to the usage of Sun ONE Application Framework (JATO)
|
||||
The exploitation does not require authentication, and remote code execution can be triggered by sending a single crafted
|
||||
/ccversion/* request to the server. The vulnerability exists due to the usage of Sun ONE Application Framework (JATO)
|
||||
found in versions of Java 8 or earlier
|
||||
severity: critical
|
||||
tags: cve,cve2021,openam,rce,java
|
||||
|
|
Loading…
Reference in New Issue