Security
Headlines
HeadlinesLatestCVEs

Tag

#rce

CVE-2023-37170: Vuls/TOTOLINK/A3300R/cmdi_1 at main · kafroc/Vuls

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain an unauthenticated remote code execution (RCE) vulnerability via the lang parameter in the setLanguageCfg function.

CVE
Open in Source
#vulnerability#git#rce#auth
CVE-2023-36994: TravianZ Hacked

In TravianZ 8.3.4 and 8.3.3, Incorrect Access Control in the installation script allows an attacker to overwrite the server configuration and inject PHP code.

CVE-2023-37067: Security issues - Chamilo LMS

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the classes/usergroups management section.

CVE-2023-37065: Security issues - Chamilo LMS

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the session category management section.

CVE-2023-37064: Security issues - Chamilo LMS

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the extra fields management section.

CVE-2023-37063: Security issues - Chamilo LMS

Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the careers & promotions management section.

CVE-2023-25201: Security Advisories - usd HeroLab

Cross Site Request Forgery (CSRF) vulnerability in MultiTech Conduit AP MTCAP2-L4E1 MTCAP2-L4E1-868-042A v.6.0.0 allows a remote attacker to execute arbitrary code via a crafted script upload.

GHSA-3q76-jq6m-573p: Archive_Tar contains Potential RCE if filename starts with phar://

PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with `$v_header['filename']` as parameter (such as file_exists, is_file, is_dir, etc). When extract is called without a specific prefix path, we can trigger unserialization by crafting a tar file with `phar://[path_to_malicious_phar_file]` as path. Object injection can be used to trigger destruct in the loaded PHP classes, e.g. the Archive_Tar class itself. With Archive_Tar object injection, arbitrary file deletion can occur because `@unlink($this->_temp_tarname)` is called. If another class with useful gadget is loaded, it may possible to cause remote code execution that can result in files being deleted or possibly modified. This vulnerability appears to have been fixed in 1.4.4.

Mastodon Social Network Patches Critical Flaws Allowing Server Takeover

Mastodon, a popular decentralized social network, has released a security update to fix critical vulnerabilities that could expose millions of users to potential attacks. Mastodon is known for its federated model, consisting of thousands of separate servers called "instances," and it has over 14 million users across more than 20,000 instances. The most critical vulnerability, CVE-2023-36460,