Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

CVE-2023-46349: [CVE-2023-46349] Improper neutralization of SQL parameter in MyPrestaModules - Product Catalog (CSV, Excel) Export/Update module for PrestaShop

In the module "Product Catalog (CSV, Excel) Export/Update" (updateproducts) < 3.8.5 from MyPrestaModules for PrestaShop, a guest can perform SQL injection. The method `productsUpdateModel::getExportIds()` has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection.

CVE
#sql#vulnerability#web#php#perl#auth
CVE-2023-46480: GitHub - owncast/owncast: Take control over your live stream video by running it yourself. Streaming + chat out of the box.

An issue in OwnCast v.0.1.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via the authHost parameter of the indieauth function.

Section 702 Surveillance Reauthorization May Get Slipped Into ‘Must-Pass’ NDAA

Congressional leaders are discussing ways to reauthorize Section 702 surveillance, including by attaching it to the National Defense Authorization Act, Capitol Hill sources tell WIRED.

General Electric Probes Security Breach as Hackers Sell DARPA-Related Access

By Waqas According to the threat actor, the data includes "a lot of DARPA-related military information." This is a post from HackRead.com Read the original post: General Electric Probes Security Breach as Hackers Sell DARPA-Related Access

How to Handle Retail SaaS Security on Cyber Monday

If forecasters are right, over the course of today, consumers will spend $13.7 billion. Just about every click, sale, and engagement will be captured by a CRM platform. Inventory applications will trigger automated re-orders; communication tools will send automated email and text messages confirming sales and sharing shipping information.  SaaS applications supporting retail efforts will host

GHSA-hfxh-rjv7-2369: Uptime Kuma Authenticated remote code execution via TailscalePing

### Summary The `runTailscalePing` method of the `TailscalePing` class injects the `hostname` parameter inside a shell command, leading to a command injection and the possibility to run arbitrary commands on the server. ### Details When adding a new monitor on Uptime Kuma, we can select the "Tailscale Ping" type. Then we can add a hostname and insert a command injection payload into it. The front-end application requires that the field follow a specific pattern, this validation only happens on the front-end and can be removed by removing the attribute `pattern` on the `input` element. https://github.com/louislam/uptime-kuma/blob/dc4242019331e65a79ac16deef97510144e01b12/server/monitor-types/tailscale-ping.js#L40-L46 We can finally add the new monitor and observe that our command is being executed. **NOTE:** When using Uptime Kuma inside a container, the "TailScale Ping" type is not visible. We can fake this information by intercepting WebSocket messages and set the `isContainer` o...

CVE-2023-6329: Control iD iDSecure passwordCustom Authentication Bypass

[PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT] via [VECTOR]

CVE-2023-5958

The POST SMTP Mailer WordPress plugin before 2.7.1 does not escape email message content before displaying it in the backend, allowing an unauthenticated attacker to perform XSS attacks against highly privileged users.

CVE-2023-5906

The Job Manager & Career WordPress plugin before 1.4.4 contains a vulnerability in the Directory Listings system, which allows an unauthorized user to view and download private files of other users. This vulnerability poses a serious security threat because it allows an attacker to gain access to confidential data and files of other users without their permission.

CVE-2023-5845

The Simple Social Media Share Buttons WordPress plugin before 5.1.1 leaks password-protected post content to unauthenticated visitors in some meta tags