Security
Headlines
HeadlinesLatestCVEs

Tag

#rce

GHSA-6mf5-36v9-3h2w: XWiki Platform vulnerable to privilege escalation (PR) from view right via Invitation application

### Impact Any user with view rights on any document can execute code with programming rights, leading to remote code execution by crafting an url with a dangerous payload. See the example below: Open `<xwiki-host>/xwiki/bin/view/%5D%5D%20%7B%7Basync%20async%3D%22true%22%20cached%3D%22false%22%20context%3D%22doc.reference%22%7D%7D%7B%7Bgroovy%7D%7Dprintln(%22Hello%20%22%20%2B%20%22from%20groovy!%22)%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D?sheet=Invitation.InvitationGuestActions&xpage=view` where `<xwiki-host>` is the URL of your XWiki installation. ### Patches The problem as been patching on XWiki 15.0, 14.10.4 and 14.4.8. ### Workarounds It is possible to partially fix the issue by applying this [patch](https://github.com/xwiki/xwiki-platform/commit/b65220a4d86b8888791c3b643074ebca5c089a3a). Note that some additional issue can remain and can be fixed automatically by a migration. Hence, it is advised to upgrade to one of the patched version instead of patching manually. ### Refere...

ghsa
Open in Source
#git#java#rce#jira#maven
CVE-2020-20919: pluck-cms<=4.7.10-dev4 admin background exists a remote command execution vulnerability when install a theme · Issue #85 · pluck-cms/pluck

File upload vulnerability in Pluck CMS v.4.7.10-dev2 allows a remote attacker to execute arbitrary code and access sensitive information via the theme.php file.

CVE-2020-21058: typora(0.9.79) XSS to RCE · Issue #2959 · typora/typora-issues

Cross Site Scripting vulnerability in Typora v.0.9.79 allows a remote attacker to execute arbitrary code via the mermaid sytax.

CVE-2023-2533: PaperCut MF/NG 22.0.10 (Build 65996 2023-03-27) - Remote code execution via CSRF | Advisories | Fluid Attacks

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in PaperCut NG/MF, which, under specific conditions, could potentially enable an attacker to alter security settings or execute arbitrary code. This could be exploited if the target is an admin with a current login session. Exploiting this would typically involve the possibility of deceiving an admin into clicking a specially crafted malicious link, potentially leading to unauthorized changes.

Polycom BToE Connector 4.4.0.0 Buffer Overflow / Man-In-The-Middle

Polycom BToE Connector version 4.4.0.0 suffers from remote buffer overflow and man-in-the-middle vulnerabilities.

CVE-2023-2359

The Slider Revolution WordPress plugin through 6.6.12 does not check for valid image files upon import, leading to an arbitrary file upload which may be escalated to Remote Code Execution in some server configurations.

CVE-2023-35856: GitHub - MikeIsAStar/Mario-Kart-Wii-Remote-Code-Execution: Injects arbitrary code into a client's game.

A buffer overflow in Nintendo Mario Kart Wii RMCP01, RMCE01, RMCJ01, and RMCK01 can be exploited by a game client to execute arbitrary code on a client's machine via a crafted packet.

CVE-2023-35813: %kb_name - %short_descr - Knowledge Portal

Multiple Sitecore products allow remote code execution. This affects Experience Manager, Experience Platform, and Experience Commerce through 10.3.

CVE-2023-28295

Microsoft Publisher Remote Code Execution Vulnerability