Headline
CVE-2022-42984: GitHub - nhiephon/Research
WoWonder Social Network Platform 4.1.4 was discovered to contain a SQL injection vulnerability via the offset parameter at requests.php?f=search&s=recipients.
Research
Hackerone
Facebook Whitehat
2022CVE-2022-0273
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0273
CVE-2022-0405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0405
CVE-2022-0406
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0406
CVE-2022-0574
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0574
CVE-2022-0578
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0578
CVE-2022-0665
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0665
CVE-2022-0697
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0697
CVE-2022-0716
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0716
CVE-2022-0726
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0726
CVE-2022-0727
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0727
CVE-2022-0761
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0761
CVE-2022-0912
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0912
CVE-2022-0917
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0917
CVE-2022-0950
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0950
CVE-2022-40405[Description]
WoWonder Social Network Platform v4.1.2 was discovered to contain a SQL injection vulnerability via the offset parameter at requests.php?f=load-my-blogs.
[Vulnerability Type]
SQL Injection
[Vendor of Product]
WoWonder (www.wowonder.com)
[Affected Product Code Base]
WoWonder Social Network Platform - 4.1.2
[Affected Component]
target.website/requests.php?f=load-my-blogs&offset=inject_here
[Attack Type]
Remote
[Impact Information Disclosure]
True
[Attack Vectors]
Remote attackers can gain access to the database by exploiting a request to “requests.php?f=load-my-blogs” via “offset” parameter.
[Reference]
https://github.com/nhiephon/Research
https://www.wowonder.com
[Discoverer]
NXQ, nhiephon from NCSC of Vietnam
CVE-2022-42984[Description]
WoWonder Social Network Platform 4.1.4 was discovered to contain a SQL injection vulnerability via the offset parameter at requests.php?f=search&s=recipients.
[Vulnerability Type]
SQL Injection
[Vendor of Product]
WoWonder (www.wowonder.com)
[Affected Product Code Base]
WoWonder Social Network Platform - 4.1.4
[Affected Component]
target.website/requests.php?f=search&s=recipients&query=inject_here
[Attack Type]
Remote
[Impact Denial of Service]
True
[Impact Information Disclosure]
True
[Attack Vectors]
Remote attackers can gain access to the database by exploiting a request to “requests.php?f=search&s=recipients” via “query” parameter.
[Reference]
https://github.com/nhiephon/Research
https://www.wowonder.com
[Discoverer]
NXQ, nhiephon from NCSC of Vietnam
2021CVE-2021-3967
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3967
2020CVE-2020-13905[Description]
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000038ed4.
[Additional Information]
Vendor fixed the error in the plugin. Please read “https://www.irfanview.com/plugins.htm”
[VulnerabilityType Other]
User mode write access violations
[Vendor of Product]
Irfanview
[Affected Product Code Base]
IrFanView 32-bit - 4.54
[Affected Component]
Plugin Formats.dll read file hdr. FORMATS!GetPlugInInfo+0x38ed4: 1006f044 8806 mov byte ptr [esi],al ds:002b:0af8f000=??
[Attack Type]
Local
[CVE Impact Other]
User mode write access violations
[Attack Vectors]
To exploit vulnerability, someone must open a crafted HDR file.
[Reference]
https://github.com/nhiephon/Research/blob/master/README.md
https://www.irfanview.com/plugins.htm
[Discoverer]
Nguyễn Quang and Lưu Minh Trí from NCSC of Vietnam
CVE-2020-13906[Description]
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000038eb7.
[Additional Information]
Vendor fixed the error in the plugin. Please read “https://www.irfanview.com/plugins.htm”
[VulnerabilityType Other]
User mode write access violations
[Vendor of Product]
Irfanview
[Affected Product Code Base]
IrFanView 32-bit - 4.54
[Affected Component]
Plugin Formats.dll read file hdr. FORMATS!GetPlugInInfo+0x38eb7: 1006f027 8806 mov byte ptr [esi],al ds:002b:0af4f000=??
[Attack Type]
Local
[CVE Impact Other]
User mode write access violations
[Attack Vectors]
To exploit vulnerability, someone must open a crafted HDR file.
[Reference]
https://github.com/nhiephon/Research/blob/master/README.md
https://www.irfanview.com/plugins.htm
[Discoverer]
TuanDA, HiepHV from NCSC of Vietnam
CVE-2020-23545[Description]
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ReadXPM_W+0x0000000000000531.
[Additional Information]
Vendor fixed the error in the plugin. Please read “https://www.irfanview.com/plugins.htm”
[VulnerabilityType Other]
User mode write access violations
[Vendor of Product]
Irfanview
[Affected Product Code Base]
IrFanView 32-bit - 4.54
[Affected Component]
Plugin Formats.dll read file xpm. FORMATS!ReadXPM_W+0x531: 10003991 880429 mov byte ptr [ecx+ebp],al ds:002b:0f7ff000=??
[Attack Type]
Local
[CVE Impact Other]
User mode write access violations
[Attack Vectors]
To exploit vulnerability, someone must open a crafted XPM file.
[Reference]
https://github.com/nhiephon/Research/blob/master/README.md
https://www.irfanview.com/plugins.htm
[Discoverer]
NXQ from NCSC of Vietnam
CVE-2020-23546[Description]
IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM file, related to a "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FORMATS!ReadMosaic+0x0000000000000981.
[Additional Information]
Vendor fixed the error in the plugin. Please read “https://www.irfanview.com/plugins.htm”
[VulnerabilityType Other]
The data from the faulting address is later used to a function call
[Vendor of Product]
Irfanview
[Affected Product Code Base]
IrfanView 32-bit - 4.54
[Affected Component]
Plugin Formats.dll read file xbm. FORMATS!ReadMosaic+0x981: 10003171 8a91e8110d10 mov dl,byte ptr FORMATS!GetPlugInInfo+0x9b0b8 ds:002b:dcd9deb4=??
[Attack Type]
Local
[CVE Impact Other]
User mode write access violations
[Attack Vectors]
To exploit vulnerability, someone must open a crafted XBM file.
[Reference]
https://github.com/nhiephon/Research/blob/master/README.md
https://www.irfanview.com/plugins.htm
[Discoverer]
NXQ from NCSC of Vietnam
CVE-2020-23549[Description]
IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted .cr2 file, related to a "Data from Faulting Address controls Branch Selection starting at FORMATS!GetPlugInInfo+0x00000000000047f6".
[Additional Information]
Vendor fixed the error in the plugin. Please read “https://www.irfanview.com/plugins.htm”
[VulnerabilityType Other]
Denial Of Service, Overflow
[Vendor of Product]
Irfanview
[Affected Product Code Base]
IrFanView 32-bit - 4.54
[Affected Component]
FORMATS!GetPlugInInfo+0x47f6: 10039416 8b0a mov ecx, dword ptr [edx] ds:002b:48663000=???
[Attack Type]
Local
[CVE Impact Other]
Denial of Service
[Attack Vectors]
To exploit vulnerability, someone must open a crafted CR2 file.
[Reference]
https://github.com/nhiephon/Research/blob/master/README.md
https://www.irfanview.com/plugins.htm
[Discoverer]
NPD from NCSC of Vietnam
CVE-2020-23550[Description]
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e82.
[Additional Information]
Vendor fixed the error in the plugin. Please read “https://www.irfanview.com/plugins.htm”
[VulnerabilityType Other]
User mode write access violations
[Vendor of Product]
Irfanview
[Affected Product Code Base]
Irfanview 32-bit - 4.54
[Affected Component]
Plugin Formats.dll read file dds. FORMATS!GetPlugInInfo+0x7e82: 1003cb12 8807 mov byte ptr [edi], al ds:002b:0ae3d000=??
[Attack Type]
Local
[CVE Impact Other]
User mode write access violations
[Attack Vectors]
To exploit vulnerability, someone must open a crafted DDS file.
[Reference]
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
[Discoverer]
nhiephon from NCSC of Vietnam
CVE-2020-23551[Description]
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e30.
[Additional Information]
Vendor fixed the error in the plugin. Please read “https://www.irfanview.com/plugins.htm”
[VulnerabilityType Other]
User mode write access violations
[Vendor of Product]
Irfanview
[Affected Product Code Base]
Irfanview 32-bit - 4.54
[Affected Component]
Plugin Formats.dll read file dds. FORMATS!GetPlugInInfo+0x7e30: 1003cac0 89448ffc mov dword ptr [edi+ecx*4-4], eax ds:002b:0af2d000=???
[Attack Type]
Local
[CVE Impact Other]
User mode write access violations
[Attack Vectors]
To exploit vulnerability, someone must open a crafted DDS file.
[Reference]
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
[Discoverer]
nhiephon from NCSC of Vietnam
CVE-2020-23552[Description]
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e62.
[Additional Information]
Vendor fixed the error in the plugin. Please read “https://www.irfanview.com/plugins.htm”
[VulnerabilityType Other]
User mode write access violations
[Vendor of Product]
Irfanview
[Affected Product Code Base]
Irfanview 32-bit - 4.54
[Affected Component]
Plugin Formats.dll read file dds. FORMATS!GetPlugInInfo+0x7e62: 1003caf2 8807 mov byte ptr [edi], al ds:002b:0aebd000=??
[Attack Type]
Local
[CVE Impact Other]
User mode write access violations
[Attack Vectors]
To exploit vulnerability, someone must open a crafted DDS file.
[Reference]
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
[Discoverer]
nhiephon from NCSC of Vietnam
CVE-2020-23553[Description]
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007d33.
[Additional Information]
Vendor fixed the error in the plugin. Please read “https://www.irfanview.com/plugins.htm”
[VulnerabilityType Other]
User mode write access violations
[Vendor of Product]
Irfanview
[Affected Product Code Base]
Irfanview 32-bit - 4.54
[Affected Component]
Plugin Formats.dll read file dds. FORMATS!GetPlugInInfo+0x7d33: 1003c9c3 f3a5 rep movs dword ptr es:[edi], dword ptr [esi]
[Attack Type]
Local
[CVE Impact Other]
User mode write access violations
[Attack Vectors]
To exploit vulnerability, someone must open a crafted DDS file.
[Reference]
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
[Discoverer]
nhiephon from NCSC of Vietnam
CVE-2020-23554[Description]
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e20.
[Additional Information]
Vendor fixed the error in the plugin. Please read “https://www.irfanview.com/plugins.htm”
[VulnerabilityType Other]
User mode write access violations
[Vendor of Product]
Irfanview
[Affected Product Code Base]
Irfanview 32-bit - 4.54
[Affected Component]
Plugin Formats.dll read file dds. FORMATS!GetPlugInInfo+0x7e20: 1003cab0 89448ff4 mov dword ptr [edi+ecx*4-0Ch], eax ds:002b:0af1d000=???
[Attack Type]
Local
[CVE Impact Other]
User mode write access violations
[Attack Vectors]
To exploit vulnerability, someone must open a crafted DDS file.
[Reference]
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
[Discoverer]
nhiephon from NCSC of Vietnam
CVE-2020-23555[Description]
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e6e.
[Additional Information]
Vendor fixed the error in the plugin. Please read “https://www.irfanview.com/plugins.htm”
[VulnerabilityType Other]
User mode write access violations
[Vendor of Product]
Irfanview
[Affected Product Code Base]
Irfanview 32-bit - 4.54
[Affected Component]
Plugin Formats.dll read file dds. FORMATS!GetPlugInInfo+0x7e6e: 1003cafe 8807 mov byte ptr [edi], al ds:002b:0b03d000=??
[Attack Type]
Local
[CVE Impact Other]
User mode write access violations
[Attack Vectors]
To exploit vulnerability, someone must open a crafted DDS file.
[Reference]
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
[Discoverer]
nhiephon from NCSC of Vietnam
CVE-2020-23556[Description]
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e28.
[Additional Information]
Vendor fixed the error in the plugin. Please read “https://www.irfanview.com/plugins.htm”
[VulnerabilityType Other]
User mode write access violations
[Vendor of Product]
Irfanview
[Affected Product Code Base]
Irfanview 32-bit - 4.54
[Affected Component]
Plugin Formats.dll read file dds. FORMATS!GetPlugInInfo+0x7e28: 1003cab8 89448ff8 mov dword ptr [edi+ecx*4-8], eax ds:002b:0b0cd000=???
[Attack Type]
Local
[CVE Impact Other]
User mode write access violations
[Attack Vectors]
To exploit vulnerability, someone must open a crafted DDS file.
[Reference]
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
[Discoverer]
nhiephon from NCSC of Vietnam
CVE-2020-23557[Description]
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000755d.
[Additional Information]
Vendor fixed the error in the plugin. Please read “https://www.irfanview.com/plugins.htm”
[VulnerabilityType Other]
User mode write access violations
[Vendor of Product]
Irfanview
[Affected Product Code Base]
IrfanView 32-bit - 4.54
[Affected Component]
Plugin Formats.dll version 4.55.4 read file DCR. FORMATS!ShowPlugInSaveOptions_W+0x755d: 10012eed 66891471 mov word ptr [ecx+esi*2],dx ds:002b:0b0a1000=???
[Attack Type]
Local
[CVE Impact Other]
User mode write access violations
[Attack Vectors]
To exploit vulnerability, someone must open a crafted DCR file.
[Reference]
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
[Discoverer]
nhiephon from NCSC of Vietnam
CVE-2020-23558[Description]
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000007f4b.
[Additional Information]
Vendor fixed the error in the plugin. Please read “https://www.irfanview.com/plugins.htm”
[VulnerabilityType Other]
User mode write access violations
[Vendor of Product]
Irfanview
[Affected Product Code Base]
IrfanView 32-bit - 4.54
[Affected Component]
Plugin Formats.dll version 4.55.4 read file DCR. FORMATS!ShowPlugInSaveOptions_W+0x7f4b: 100138db 66890c47 mov word ptr [edi+eax*2],cx ds:002b:1bc44e40=???
[Attack Type]
Local
[CVE Impact Other]
User mode write access violations
[Attack Vectors]
To exploit vulnerability, someone must open a crafted DCR file.
[Reference]
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
[Discoverer]
nhiephon from NCSC of Vietnam
CVE-2020-23559[Description]
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000007d7f.
[Additional Information]
Vendor fixed the error in the plugin. Please read “https://www.irfanview.com/plugins.htm”
[VulnerabilityType Other]
User mode write access violations
[Vendor of Product]
Irfanview
[Affected Product Code Base]
IrfanView 32-bit - 4.54
[Affected Component]
Plugin Formats.dll version 4.55.4 read file DCR. FORMATS!ShowPlugInSaveOptions_W+0x7d7f: 1001370f 66891443 mov word ptr [ebx+eax*2],dx ds:002b:0b0e1000=???
[Attack Type]
Local
[CVE Impact Other]
User mode write access violations
[Attack Vectors]
To exploit vulnerability, someone must open a crafted DCR file.
[Reference]
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
[Discoverer]
nhiephon from NCSC of Vietnam
CVE-2020-23560[Description]
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000001bcab.
[VulnerabilityType Other]
User mode write access violations
[Vendor of Product]
Irfanview
[Affected Product Code Base]
IrfanView 32-bit - 4.54
[Affected Component]
Plugin Formats.dll version 4.55.4 read file DCR. FORMATS!ShowPlugInSaveOptions_W+0x1bcab: 1002763b 6689047e mov word ptr [esi+edi*2],ax ds:002b:4642d000=???
[Attack Type]
Local
[CVE Impact Other]
User mode write access violations
[Attack Vectors]
To exploit vulnerability, someone must open a crafted DCR file.
[Reference]
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
[Discoverer]
nhiephon from NCSC of Vietnam
CVE-2020-23561[Description]
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000005722.
[VulnerabilityType Other]
User mode write access violations
[Vendor of Product]
Irfanview
[Affected Product Code Base]
IrfanView 32-bit - 4.54
[Affected Component]
Plugin Formats.dll version 4.55.4 read file DCR. FORMATS!ShowPlugInSaveOptions_W+0x5722: 100110b2 6689044a mov word ptr [edx+ecx*2],ax ds:002b:0b0a1000=???
[Attack Type]
Local
[CVE Impact Other]
User mode write access violations
[Attack Vectors]
To exploit vulnerability, someone must open a crafted DCR file.
[Reference]
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
[Discoverer]
SPT from NCSC of Vietnam
CVE-2020-23562[Description]
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x000000000000aefe.
[VulnerabilityType Other]
User mode write access violations
[Vendor of Product]
Irfanview
[Affected Product Code Base]
IrfanView 32-bit - 4.54
[Affected Component]
Plugin Formats.dll version 4.55.4 read file DCR. FORMATS!ShowPlugInSaveOptions_W+0xaefe: 1001688e d918 fstp dword ptr [eax] ds:002b:00000000=???
[Attack Type]
Local
[CVE Impact Other]
User mode write access violations
[Attack Vectors]
To exploit vulnerability, someone must open a crafted DCR file.
[Reference]
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
[Discoverer]
HuyenNT, KetDV from NCSC of Vietnam
CVE-2020-23563[Description]
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000002cba.
[VulnerabilityType Other]
User mode write access violations
[Vendor of Product]
Irfanview
[Affected Product Code Base]
IrfanView 32-bit - 4.54
[Affected Component]
Plugin Formats.dll version 4.55.4 read file DCR. FORMATS!ShowPlugInSaveOptions_W+0x2cba: 1000e64a 6689044a mov word ptr [edx+ecx*2],ax ds:002b:0b091000=???
[Attack Type]
Local
[CVE Impact Other]
User mode write access violations
[Attack Vectors]
To exploit vulnerability, someone must open a crafted DCR file.
[Reference]
https://github.com/nhiephon/Research
https://www.irfanview.com/plugins.htm
[Discoverer]
LuongNP, ChienTD from NCSC of Vietnam
Related news
IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!ShowPlugInSaveOptions_W+0x0000000000002cba.
Improper Access Control in GitHub repository publify/publify prior to 9.2.8.
Code Injection in GitHub repository publify/publify prior to 9.2.8.
Calibre-Web before 0.6.18 allows user table SQL Injection.
Calibre-Web before 0.6.18 allows user table SQL Injection.
Unrestricted Upload of File with Dangerous Type in GitHub repository star7th/showdoc prior to 2.10.4.
Improper Access Control in GitHub repository zulip/zulip prior to 4.10.
Improper Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0.