Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-36872: wordpress-popular-posts/changelog.md at master · cabrerahector/wordpress-popular-posts

Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in WordPress Popular Posts plugin (versions <= 5.3.3). Vulnerable at &widget-wpp[2][post_type].

CVE

Related news

CVE-2021-43140: GitHub - Dir0x/CVE-2021-43140: SQL injection vulnerability in login exists in Sourcecodester Simple Subscription Website.

SQL Injection vulnerability exists in Sourcecodester. Simple Subscription Website 1.0. via the login.

CVE-2021-43141: GitHub - Dir0x/CVE-2021-43141: Information about CVE-2021-43141, a reflected XSS in the plan_application section.

Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Simple Subscription Website 1.0 via the id parameter in plan_application.

CVE-2020-23679: client 注册用户信息,存在栈溢出漏洞 · Issue #1 · Renleilei1992/Linux_Network_Project

Buffer overflow vulnerability in Renleilei1992 Linux_Network_Project 1.0, allows attackers to execute arbitrary code, via the password field.

CVE-2021-27644

In Apache DolphinScheduler before 1.3.6 versions, authorized users can use SQL injection in the data source center. (Only applicable to MySQL data source with internal login account password)

CVE-2021-27644: Pony Mail!

In Apache DolphinScheduler before 1.3.6 versions, authorized users can use SQL injection in the data source center. (Only applicable to MySQL data source with internal login account password)

CVE-2021-41728: GitHub - Dir0x/CVE-2021-41728: Information about CVE-2021-41728, a reflected XSS in the search function.

Cross Site Scripting (XSS) vulnerability exists in Sourcecodester News247 CMS 1.0 via the search function in articles.

CVE-2021-36999: July

There is a Buffer overflow vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by sending malicious images and inducing users to open the images may cause remote code execution.

CVE-2021-3906: Update ImageRepo.php · BookStackApp/BookStack@64937ab

bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type

CVE-2020-23060

Internet Download Manager 6.37.11.1 was discovered to contain a stack buffer overflow in the Export/Import function. This vulnerability allows attackers to escalate local process privileges via a crafted ef2 file.

CVE-2020-28964

Internet Download Manager 6.37.11.1 was discovered to contain a stack buffer overflow in the Search function. This vulnerability allows attackers to escalate local process privileges via unspecified vectors.

CVE-2021-36388: Yellowfin-Multiple-Vulnerabilities/README.md at main · cyberaz0r/Yellowfin-Multiple-Vulnerabilities

In Yellowfin before 9.6.1 it is possible to enumerate and download users profile pictures through an Insecure Direct Object Reference vulnerability exploitable by sending a specially crafted HTTP GET request to the page "MIIAvatarImage.i4".

CVE-2021-36387: Yellowfin-Multiple-Vulnerabilities/README.md at main · cyberaz0r/Yellowfin-Multiple-Vulnerabilities

In Yellowfin before 9.6.1 there is a Stored Cross-Site Scripting vulnerability in the video embed functionality exploitable through a specially crafted HTTP POST request to the page "ActivityStreamAjax.i4".

CVE-2021-36389: Yellowfin Cross Site Scripting / Insecure Direct Object Reference ≈ Packet Storm

In Yellowfin before 9.6.1 it is possible to enumerate and download uploaded images through an Insecure Direct Object Reference vulnerability exploitable by sending a specially crafted HTTP GET request to the page "MIImage.i4".

CVE-2021-42228: There is a csrf vulnerability in kindeditor - 4.1.* · Issue #337 · kindsoft/kindeditor

A Cross Site Request Forgery (CSRF) vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html.

Yellowfin Cross Site Scripting / Insecure Direct Object Reference

Yellowfin versions prior to 9.6.1 suffer from persistent cross site scripting and insecure direct object reference vulnerabilities.

CVE-2021-30628: Stable Channel Update for Desktop

Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page.

Apache HTTP Server update fails to squash path traversal, RCE bugs

Web admins told to upgrade (once again) to latest version

CVE-2021-36178: PSIRT Advisories | FortiGuard

A insufficiently protected credentials in Fortinet FortiSDNConnector version 1.1.7 and below allows attacker to disclose third-party devices credential information via configuration page lookup.

CVE-2020-21493: User Name Enumeration Vulnerability · Issue #3 · rayfalling/xiuno-docker

An issue in the component route\user.php of Xiuno BBS v4.0.4 allows attackers to enumerate usernames.

CVE-2020-20797: sql injection vulnerability (2) · Issue #26 · FlameNET/FlameCMS

FlameCMS 3.3.5 contains a time-based blind SQL injection vulnerability in /account/register.php.

CVE-2020-20796: sql injection vulnerability · Issue #24 · FlameNET/FlameCMS

FlameCMS 3.3.5 contains a SQL injection vulnerability in /master/article.php via the "Id" parameter.

CVE-2021-33583:

REINER timeCard 6.05.07 installs a Microsoft SQL Server with an sa password that is hardcoded in the TCServer.jar file.

CVE-2021-22535: Potential information disclosure vulnerability (CVE-2021-22535)

Unauthorized information security disclosure vulnerability on Micro Focus Directory and Resource Administrator (DRA) product, affecting all DRA versions prior to 10.1 Patch 1. The vulnerability could lead to unauthorized information disclosure.

CVE-2021-36880: WordPress uListing plugin <= 2.0.3 - Unauthenticated SQL Injection (SQLi) vulnerability - Patchstack

Unauthenticated SQL Injection (SQLi) vulnerability in WordPress uListing plugin (versions <= 2.0.3), vulnerable parameter: custom.

CVE-2021-36879: WordPress uListing plugin <= 2.0.5 - Unauthenticated Privilege Escalation vulnerability - Patchstack

Unauthenticated Privilege Escalation vulnerability in WordPress uListing plugin (versions <= 2.0.5). Possible if WordPress configuration allows user registration.

CVE-2021-36874: WordPress uListing plugin <= 2.0.5 - Authenticated Insecure Direct Object References (IDOR) vulnerability - Patchstack

Authenticated Insecure Direct Object References (IDOR) vulnerability in WordPress uListing plugin (versions <= 2.0.5).

CVE-2021-36875: WordPress uListing plugin <= 2.0.5 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability - Patchstack

Authenticated Reflected Cross-Site Scripting (XSS) vulnerability in WordPress uListing plugin (versions <= 2.0.5). Vulnerable parameters: &filter[id], &filter[user], &filter[expired_date], &filter[created_date], &filter[updated_date].

CVE-2021-40106: 8.5.6 Release Notes :: Concrete CMS

An issue was discovered in Concrete CMS through 8.5.5. There is unauthenticated stored XSS in blog comments via the website field.

CVE-2021-40097: HackerOne

An issue was discovered in Concrete CMS through 8.5.5. Authenticated path traversal leads to to remote code execution via uploaded PHP code, related to the bFilename parameter.

CVE-2021-40104: HackerOne

An issue was discovered in Concrete CMS through 8.5.5. There is an SVG sanitizer bypass.

CVE-2021-40105: HackerOne

An issue was discovered in Concrete CMS through 8.5.5. There is XSS via Markdown Comments.

CVE-2021-40310: OpenSIS 8.0 'cp_id_miss_attn' - Reflected Cross-Site Scripting (XSS) PoC

OpenSIS Community Edition version 8.0 is affected by a cross-site scripting (XSS) vulnerability in the TakeAttendance.php via the cp_id_miss_attn parameter.

CVE-2021-40099: HackerOne

An issue was discovered in Concrete CMS through 8.5.5. Fetching the update json scheme over HTTP leads to remote code execution.

Meet TruffleHog – a browser extension for finding secret keys in JavaScript code

API keys are accidentally being leaked by websites. Here’s how to find them

CVE-2021-36873: iQ Block Country

Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in WordPress iQ Block Country plugin (versions <= 1.2.11). Vulnerable parameter: &blockcountry_blockmessage.

WordPress 3DPrint Lite 1.9.1.4 Shell Upload

WordPress 3DPrint Lite plugin version 1.9.1.4 suffers from a remote shell upload vulnerability.

CVE-2021-40868: Cloudron 6.2 Cross Site Scripting ≈ Packet Storm

In Cloudron 6.2, the returnTo parameter on the login page is vulnerable to Reflected XSS.

CVE-2020-19915: wuzhicms v4.1.0 persistent xss vulnerability

Cross Site Scripting (XSS vulnerability exists in WUZHI CMS 4.1.0 via the [mailbox username in index.php.

CVE-2021-39327: Vulnerability Advisories - Wordfence

The BulletProof Security WordPress plugin is vulnerable to sensitive information disclosure due to a file path disclosure in the publicly accessible ~/db_backup_log.txt file which grants attackers the full path of the site, in addition to the path of database backup files. This affects versions up to, and including, 5.1.

CVE-2021-40965: TinyFileManager Vulnerabilities

A Cross-Site Request Forgery (CSRF) vulnerability exists in TinyFileManager all version up to and including 2.4.6 that allows attackers to upload files and run OS commands by inducing the Administrator user to browse a URL controlled by an attacker.

CVE-2020-21121: SQL Injection Vulerable. · Issue #259 · Kliqqi-CMS/Kliqqi-CMS

Pligg CMS 2.0.2 contains a time-based SQL injection vulnerability via the $recordIDValue parameter in the admin_update_module_widgets.php file.

CVE-2021-36581: GitHub - l00neyhacker/CVE-2021-36581: CVE-2021-36581

Kooboo CMS 2.1.1.0 is vulnerable to Insecure file upload. It is possible to upload any file extension to the server. The server does not verify the extension of the file and the tester was able to upload an aspx to the server.

CVE-2021-36582: GitHub - l00neyhacker/CVE-2021-36582: CVE-2021-36582

In Kooboo CMS 2.1.1.0, it is possible to upload a remote shell (e.g., aspx) to the server and then call upon it to receive a reverse shell from the victim server. The files are uploaded to /Content/Template/root/reverse-shell.aspx and can be simply triggered by browsing that URL.

CVE-2021-33362: fixed #1780 (fuzz) · gpac/gpac@1273cdc

Stack buffer overflow in the hevc_parse_vps_extension function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.

CVE-2021-32137: [security]heap buffer overflow in MP4Box URL_GetProtocolType · Issue #1766 · gpac/gpac

Heap buffer overflow in the URL_GetProtocolType function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.

CVE-2021-32136: [security]heap buffer overlow in MP4Box print_udta · Issue #1765 · gpac/gpac

Heap buffer overflow in the print_udta function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.

CVE-2021-22528: Cross-Site Scripting Vulnerability (CVE-2021-22528)

Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4

CVE-2021-38347: edit.php in simple-custom-website-data/tags/2.2/views – WordPress Plugin Repository

The Custom Website Data WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter found in the ~/views/edit.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.2.

CVE-2021-38331: writer.php in wp-t-wap/tags/1.13.3/wap – WordPress Plugin Repository

The WP-T-Wap WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the posted parameter found in the ~/wap/writer.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.13.2.

CVE-2021-40346: Repositories - haproxy.git/summary

An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs.

CVE-2021-32610: Release 1.4.14 · pear/Archive_Tar

In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.

CVE-2021-30544: Stable Channel Update for Desktop

Use after free in BFCache in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-30545: Stable Channel Update for Desktop

Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-30551: Stable Channel Update for Desktop

Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2020-28948: Multiple vulnerabilities through filename manipulation (CVE-2020-28948 and CVE-2020-28949) · Issue #33 · pear/Archive_Tar

Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked.

CVE-2020-28949: Multiple vulnerabilities through filename manipulation (CVE-2020-28948 and CVE-2020-28949) · Issue #33 · pear/Archive_Tar

Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.

CVE-2020-24723: CVE-2020–24723

Cross Site Scripting (XSS) vulnerability in the Registration page of the admin panel in PHPGurukul User Registration & Login and User Management System With admin panel 2.1.

CVE-2020-14389: Invalid Bug ID

It was found that Keycloak before version 12.0.0 would permit a user with only view-profile role to manage the resources in the new account console, allowing access and modification of data the user was not intended to have.

CVE-2017-7415: Confluence 6.0.x Information Disclosure ≈ Packet Storm

Atlassian Confluence 6.x before 6.0.7 allows remote attackers to bypass authentication and read any blog or page via the drafts diff REST resource.

CVE-2016-1575: CVE-2016-1575 | Ubuntu

The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907