PHPJabbers Meeting Room Booking System version 1.0 suffers from a missing rate limiting vulnerability.

    # Exploit Title: PHPJabbers Meeting Room Booking System v1.0 - No Rate Limit# Date: 19/12/2023# Exploit Author: BugsBD Limited# Discover by: Rahad Chowdhury# Vendor Homepage: https://www.phpjabbers.com/# Software Link:https://www.phpjabbers.com/meeting-room-booking-system/#sectionDemo# Version: v1.0# Tested on: Windows 10, Windows 11, Linux# CVE-2023-51332Descriptions:A lack of rate limiting in the "Forgot Email" feature of PHPJabbersMeeting Room Booking System v1.0 allows attackers to send an excessiveamount of reset requests for a legitimate user, leading to a possibleDenial of Service (DoS) via a large amount of generated e-mailmessages.Steps to Reproduce:1. Visit this URLhttps://demo.phpjabbers.com/1704805602_793/index.php?controller=pjAdmin&action=pjActionLogin2. Now use the account mail that is already registered on this website.3. Capture request data using burp suite and send it to Intruder Tab4. Configure Intruder and Start Attack5. Check your email.## Reproduce:[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51332)

PHPJabbers Meeting Room Booking System 1.0 Missing Rate Limiting

PHPJabbers Cleaning Business Software version 1.0 suffers from a CSV injection vulnerability.

    # Exploit Title: PHPJabbers Cleaning Business Software v1.0 - CSV Injection# Date: 19/12/2023# Exploit Author: BugsBD Limited# Discover by: Rahad Chowdhury# Vendor Homepage: https://www.phpjabbers.com/# Software Link:https://www.phpjabbers.com/cleaning-business-software/#sectionDemo# Version: v1.0# Tested on: Windows 10, Windows 11# CVE-2023-51331Descriptions:PHPJabbers Cleaning Business Software v1.0 is vulnerable to CSVinjection vulnerability which allows an attacker to execute remotecode. The vulnerability exists due to insufficient input validation onthe Unique ID field in the Reservations list that is used to constructa CSV file.Steps to Reproduce:1. Login your panel.2. Go to Options Menu then click Language then click Labels section.3. Now use CSV Injection Payload in any field and go to Import/Export.4. Now click export and open your system.## Reproduce:[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51331)

PHPJabbers Cleaning Business Software 1.0 CSV Injection

PHPJabbers Cinema Booking System version 1.0 suffers from reflective and persistent cross site scripting vulnerabilities.

    # Exploit Title: PHPJabbers Cinema Booking System v1.0 - Reflected Cross-Site Scripting# Date: 19/12/2023# Exploit Author: BugsBD Limited# Discover by: Rahad Chowdhury# Vendor Homepage: https://www.phpjabbers.com/# Software Link: https://www.phpjabbers.com/cinema-booking-system/#sectionDemo# Version: v1.0# Tested on: Windows 10, Windows 11, Linux# CVE-2023-51330Descriptions:Reflected cross-site scripting (XSS) vulnerability exists inReservations menu, Schedule section and "date" parameter of PHPJabbersCinema Booking System v1.0 that allows attackers to execute arbitraryweb scripts or HTML via a crafted payload injected into the Websitelogin page parameter.Steps to Reproduce:1. Login your panel.2. Go to Now Showing menu then click Print.3. Now use XSS Payload in "date" parameter.4. You will see xss popup.## Reproduce:[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51330)# Exploit Title: PHPJabbers Cinema Booking System v1.0 - Multiple Stored XSS# Date: 19/12/2023# Exploit Author: BugsBD Limited# Discover by: Rahad Chowdhury# Vendor Homepage: https://www.phpjabbers.com/# Software Link: https://www.phpjabbers.com/cinema-booking-system/#sectionDemo# Version: v1.0# Tested on: Windows 10, Windows 11, Linux# CVE-2023-51335Descriptions:PHPJabbers Cinema Booking System v1.0 is vulnerable to Multiple StoredCross-Site Scripting. Multiple Stored XSS is a type of securityvulnerability that occurs when an application or website allows anattacker to inject malicious scripts into the content that ispermanently stored on the server.Steps to Reproduce:1. Login your panel.2. Vulnerable parameters are "title, name".3. Go to System Users Menu then click add user.4. Then use any XSS Payload in "Name" input field and Save.5. You will see xss popup.## Reproduce:[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51335)

PHPJabbers Cinema Booking System 1.0 Cross Site Scripting

PHPJabbers Cleaning Business Software version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

    # Exploit Title: PHPJabbers Cleaning Business Software v1.0 - MultipleStored XSS# Date: 19/12/2023# Exploit Author: BugsBD Limited# Discover by: Rahad Chowdhury# Vendor Homepage: https://www.phpjabbers.com/# Software Link:https://www.phpjabbers.com/cleaning-business-software/#sectionDemo# Version: v1.0# Tested on: Windows 10, Windows 11, Linux# CVE-2023-51328Descriptions:PHPJabbers Cleaning Business Software v1.0 is vulnerable to MultipleStored Cross-Site Scripting. Multiple Stored XSS is a type of securityvulnerability that occurs when an application or website allows anattacker to inject malicious scripts into the content that ispermanently stored on the server.Steps to Reproduce:1. Login your panel.2. Vulnerable parameters are "c_name, name".3. Go to System Users Menu then click add user.4. Then use any XSS Payload in "Name" input field and Save.5. You will see xss popup.## Reproduce:[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51328)

PHPJabbers Cleaning Business Software 1.0 Cross Site Scripting

PHPJabbers Cleaning Business Software version 1.0 suffers from multiple missing rate limiting vulnerabilities.

    # Exploit Title: PHPJabbers Cleaning Business Software v1.0 - No Rate Limit# Date: 19/12/2023# Exploit Author: BugsBD Limited# Discover by: Rahad Chowdhury# Vendor Homepage: https://www.phpjabbers.com/# Software Link:https://www.phpjabbers.com/cleaning-business-software/#sectionDemo# Version: v1.0# Tested on: Windows 10, Windows 11, Linux# CVE-2023-51326Descriptions:A lack of rate limiting in the "Forgot Email" feature of PHPJabbersCleaning Business Software v1.0 allows attackers to send an excessiveamount of reset requests for a legitimate user, leading to a possibleDenial of Service (DoS) via a large amount of generated e-mailmessages.Steps to Reproduce:1. Visit this URLhttps://demo.phpjabbers.com/1704803403_514/index.php?controller=pjAdmin&action=pjActionLogin2. Now use the account mail that is already registered on this website.3. Capture request data using burp suite and send it to Intruder Tab4. Configure Intruder and Start Attack5. Check your email.## Reproduce:[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51326)# Exploit Title: PHPJabbers Cleaning Business Software v1.0 - Missing Rate Limit# Date: 19/12/2023# Exploit Author: BugsBD Limited# Discover by: Rahad Chowdhury# Vendor Homepage: https://www.phpjabbers.com/# Software Link:https://www.phpjabbers.com/cleaning-business-software/#sectionDemo# Version: v1.0# Tested on: Windows 10, Windows 11, Linux# CVE-2023-51327Descriptions:A lack of rate limiting in the "Forgot Email" feature of PHPJabbersCleaning Business Software v1.0 allows attackers to send an excessiveamount of reset requests for a legitimate user, leading to a possibleDenial of Service (DoS) via a large amount of generated e-mailmessages.Steps to Reproduce:1. Visit this URLhttps://demo.phpjabbers.com/{*}/index.php?controller=pjAdmin&action=pjActionLogin2. Now use the account mail that is already registered on this website.3. Capture request data using burp suite and send it to Intruder Tab4. Configure Intruder and Start Attack5. Check your email.## Reproduce:[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51327)

PHPJabbers Cleaning Business Software 1.0 Missing Rate Limiting

PHPJabbers Shared Asset Booking System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

    # Exploit Title: PHPJabbers Shared Asset Booking System v1.0 -Multiple Stored XSS# Date: 19/12/2023# Exploit Author: BugsBD Limited# Discover by: Rahad Chowdhury# Vendor Homepage: https://www.phpjabbers.com/# Software Link:https://www.phpjabbers.com/shared-asset-booking-system/#sectionDemo# Version: v1.0# Tested on: Windows 10, Windows 11, Linux# CVE-2023-51325Descriptions:PHPJabbers Shared Asset Booking System v1.0 is vulnerable to MultipleStored Cross-Site Scripting. Multiple Stored XSS is a type of securityvulnerability that occurs when an application or website allows anattacker to inject malicious scripts into the content that ispermanently stored on the server.Steps to Reproduce:1. Login your panel.2. Vulnerable parameters are "title, name".3. Go to System Users Menu then add user.4. Then use any XSS Payload in "Name" input field and Save.5. You will see xss popup.## Reproduce:[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-51325)

PHPJabbers Shared Asset Booking System 1.0 Cross Site Scripting

Ubuntu Security Notice 6541-2 - USN-6541-1 fixed vulnerabilities in the GNU C Library. Unfortunately, changes made to allow proper application of the fix for CVE-2023-4806 in Ubuntu 22.04 LTS introduced an issue in the NSCD service IPv6 processing functionalities. This update fixes the problem.

==========================================================================  
Ubuntu Security Notice USN-6541-2  
January 10, 2024

glibc regression  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

USN-6541-1 introduced a regression in the GNU C Library.

Software Description:  
- glibc: GNU C Library

Details:

USN-6541-1 fixed vulnerabilities in the GNU C Library. Unfortunately,  
changes made to allow proper application of the fix for CVE-2023-4806 in  
Ubuntu 22.04 LTS introduced an issue in the NSCD service IPv6 processing  
functionalities. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that the GNU C Library was not properly handling certain  
memory operations. An attacker could possibly use this issue to cause a  
denial of service (application crash). (CVE-2023-4806, CVE-2023-4813)

It was discovered that the GNU C library was not properly implementing a  
fix for CVE-2023-4806 in certain cases, which could lead to a memory leak.  
An attacker could possibly use this issue to cause a denial of service  
(application crash). This issue only affected Ubuntu 22.04 LTS and Ubuntu  
23.04. (CVE-2023-5156)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 22.04 LTS:  
libc-bin 2.35-0ubuntu3.6  
libc6 2.35-0ubuntu3.6  
nscd 2.35-0ubuntu3.6

In general, a standard system update will make all the necessary changes.

References:  
https://ubuntu.com/security/notices/USN-6541-2  
https://ubuntu.com/security/notices/USN-6541-1  
https://launchpad.net/bugs/2047155

Package Information:  
https://launchpad.net/ubuntu/+source/glibc/2.35-0ubuntu3.6

Ubuntu Security Notice USN-6541-2

Gentoo Linux Security Advisory 202401-14 - A denial of service vulnerability has been found in RedCloth. Versions greater than or equal to 4.3.2-r5 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202401-14  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Low  
    Title: RedCloth: ReDoS Vulnerability  
     Date: January 10, 2024  
     Bugs: #908035  
       ID: 202401-14

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

A denial of service vulnerability has been found in RedCloth.

Background  
==========

RedCloth is a module for using Textile in Ruby

Affected packages  
=================

Package            Vulnerable    Unaffected  
-----------------  ------------  ------------  
dev-ruby/redcloth  < 4.3.2-r5    >= 4.3.2-r5

Description  
===========

A vulnerability has been discovered in RedCloth. Please review the CVE  
identifier referenced below for details.

Impact  
======

RedCloth is vulnerable to a regular expression denial of service  
("ReDoS") attack via the sanitize_html function.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All RedCloth users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=dev-ruby/redcloth-4.3.2-r5"

References  
==========

[ 1 ] CVE-2023-31606  
      https://nvd.nist.gov/vuln/detail/CVE-2023-31606

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202401-14

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202401-14

Ubuntu Security Notice 6570-1 - Pedro Gallegos discovered that PostgreSQL incorrectly handled modifying certain SQL array values. A remote attacker could use this issue to obtain sensitive information, or possibly execute arbitrary code. Hemanth Sandrana and Mahendrakar Srinivasarao discovered that PostgreSQL allowed the pg_signal_backend role to signal certain superuser processes, contrary to expectations.

    ==========================================================================Ubuntu Security Notice USN-6570-1January 09, 2024postgresql-9.5 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 16.04 LTS (Available with Ubuntu Pro)Summary:Several security issues were fixed in PostgreSQL.Software Description:- postgresql-9.5: Object-relational SQL databaseDetails:Pedro Gallegos discovered that PostgreSQL incorrectly handled modifyingcertain SQL array values. A remote attacker could use this issue to obtainsensitive information, or possibly execute arbitrary code. (CVE-2023-5869)Hemanth Sandrana and Mahendrakar Srinivasarao discovered that PostgreSQLallowed the pg_signal_backend role to signal certain superuser processes,contrary to expectations. (CVE-2023-5870)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 16.04 LTS (Available with Ubuntu Pro):   postgresql-9.5                  9.5.25-0ubuntu0.16.04.1+esm6   postgresql-client-9.5         9.5.25-0ubuntu0.16.04.1+esm6After a standard system update you need to restart PostgreSQL to makeall the necessary changes.References:   https://ubuntu.com/security/notices/USN-6570-1   CVE-2023-5869, CVE-2023-5870

Ubuntu Security Notice USN-6570-1

Gentoo Linux Security Advisory 202401-13 - Multiple denial of service vulnerabilities have been found in FAAD2. Versions greater than or equal to 2.11.0 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202401-13  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Low  
    Title: FAAD2: Multiple Vulnerabilities  
     Date: January 10, 2024  
     Bugs: #918558  
       ID: 202401-13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple denial of service vulnerabilities have been found in FAAD2.

Background  
==========

FAAD2 is an open source MPEG-4 and MPEG-2 AAC decoder.

Affected packages  
=================

Package           Vulnerable    Unaffected  
----------------  ------------  ------------  
media-libs/faad2  < 2.11.0      >= 2.11.0

Description  
===========

Multiple vulnerabilities have been discovered in FAAD2. Please review  
the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All FAAD2 users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=media-libs/faad2-2.11.0"

References  
==========

[ 1 ] CVE-2023-38857  
      https://nvd.nist.gov/vuln/detail/CVE-2023-38857  
[ 2 ] CVE-2023-38858  
      https://nvd.nist.gov/vuln/detail/CVE-2023-38858

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202401-13

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Source

Packet Storm