#java

The ABB Cylon controller suffers from an authenticated path traversal vulnerability. This can be exploited through the 'devName' POST parameter in the ethernetUpdate.php script to write partially controlled content, such as IP address values, into arbitrary file paths, potentially leading to configuration tampering and system compromise including denial of service scenario through ethernet configuration backup file overwrite.

North Korean threat actors behind the ongoing Contagious Interview campaign have been observed dropping a new JavaScript malware called OtterCookie. Contagious Interview (aka DeceptiveDevelopment) refers to a persistent attack campaign that employs social engineering lures, with the hacking crew often posing as recruiters to trick individuals looking for potential job opportunities into

The ABB BMS/BAS controller suffers from an authenticated blind OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the 'variant' HTTP POST parameter called by the clearProjectConfigurationAjax.php script.

The ABB BMS/BAS controller suffers from an authenticated blind OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the 'instance' HTTP POST parameter called by calendarUpdate.php script.

The Apache Software Foundation (ASF) has released patches to address a maximum severity vulnerability in the MINA Java network application framework that could result in remote code execution under specific conditions. Tracked as CVE-2024-52046, the vulnerability carries a CVSS score of 10.0. It affects versions 2.0.X, 2.1.X, and 2.2.X. "The ObjectSerializationDecoder in Apache MINA uses Java's

IN THIS ARTICLE: Hackers have released what they claim to be the second batch of data stolen in…

### Summary A stored cross-site scripting (XSS) vulnerability was identified in lgsl. The issue arises from improper sanitation of user input. Everyone who accesses this page will be affected by this attack. ### Details The function `lgsl_query_40` in `lgsl_protocol.php` has implemented an HTTP crawler. This function makes a request to the registered game server, and upon crawling the malicious `/info` endpoint with our payload, will render our javascript on the info page. This information is being displayed via `lgsl_details.php` #### Affected Code: ```php foreach ($server['e'] as $field => $value) { $value = preg_replace('/((https*:\/\/|https*:\/\/www\.|www\.)[\w\d\.\-\/=$?​]*)/i', "<a href='$1' target='_blank'>$1</a>", html_entity_decode($value)); $output .= " <tr><td> {$field} </td><td> {$value} </td></tr>"; } ``` ### PoC 1. Create a game server with type `eco` and set the target host and port accordingly to your ttack server. I have crafted...

Marp Core ([`@marp-team/marp-core`](https://www.npmjs.com/package/@marp-team/marp-core)) from v3.0.2 to v3.9.0 and v4.0.0, are vulnerable to cross-site scripting (XSS) due to improper neutralization of HTML sanitization. ### Impact Marp Core includes an HTML sanitizer with allowlist support. In the affected versions, the built-in allowlist is enabled by default. When the allowlist is active, if insufficient HTML comments are included, the sanitizer may fail to properly sanitize HTML content and lead cross-site scripting (XSS). ### Patches Marp Core [v3.9.1](https://github.com/marp-team/marp-core/releases/tag/v3.9.1) and [v4.0.1](https://github.com/marp-team/marp-core/releases/tag/v4.0.1) have been patched to fix that. ### Workarounds If you are unable to update the package immediately, disable all HTML tags by setting `html: false` option in the `Marp` class constructor. ```javascript const marp = new Marp({ html: false }) ``` ### References - [CWE-79: Improper Neutralization...

From zero-day exploits to 5G network vulnerabilities, these are the threats that are expected to persist over the next 12 months.

The `ObjectSerializationDecoder` in Apache MINA uses Java’s native deserialization protocol to process incoming serialized data but lacks the necessary security checks and defenses. This vulnerability allows attackers to exploit the deserialization process by sending specially crafted malicious serialized data, potentially leading to remote code execution (RCE) attacks. This issue affects MINA core versions 2.0.X, 2.1.X and 2.2.X, and will be fixed by the releases 2.0.27, 2.1.10 and 2.2.4. It's also important to note that an application using MINA core library will only be affected if the IoBuffer#getObject() method is called, and this specific method is potentially called when adding a ProtocolCodecFilter instance using the `ObjectSerializationCodecFactory` class in the filter chain. If your application is specifically using those classes, you have to upgrade to the latest version of MINA core library. Upgrading will  not be enough: you also need to explicitly allow the classes th...