Security Headlines (tag: #web)
Online Piggery Management System 1.0 Shell Upload

Online Piggery Management System version 1.0 suffers from a remote shell upload vulnerability.

Packet Storm
Hikvision Hybrid SAN Ds-a71024 SQL Injection

Hikvision Hybrid SAN Ds-a71024 firmware suffers from a remote blind SQL injection vulnerability.

Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities

Multiple security flaws have been disclosed in Apache OpenMeetings, a web conferencing solution, that could be potentially exploited by malicious actors to seize control of admin accounts and run malicious code on susceptible servers. "Attackers can bring the application into an unexpected state, which allows them to take over any user account, including the admin account," Sonar vulnerability

Pluck 4.7.18 Remote Shell Upload

Pluck version 4.7.18 appears to suffer from a remote shell upload vulnerability.

Blackcat CMS 1.4 Shell Upload

Blackcat CMS version 1.4 suffers from a remote shell upload vulnerability.

GHSA-hhr9-rh25-hvf9: Feathers socket handler allows abusing implicit toString

### Impact

The Feathers socket handler did not catch invalid string conversion errors such as:

```ts
const message = `${{ toString: '' }}`
```

This caused the NodeJS process to crash when an unexpected Socket.io message was sent, for example:

```ts
socket.emit('find', { toString: '' })
```

### Patches

A fix has been released in:

- `v5.0.8` via #3241
- `v4.5.18` via #3242

### Workarounds

Since the flaw is in the core Socket handling code, upgrading to the latest version is necessary.

### References

- [v5.0.8 Changelog](https://github.com/feathersjs/feathers/blob/dove/CHANGELOG.md#508-2023-07-19)
- [v4.5.18 Changelog](https://github.com/feathersjs/feathers/blob/crow/CHANGELOG.md#4518-2023-07-19)

GHSA-45c4-8wx5-qw6w: aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser

### Impact

aiohttp v3.8.4 and earlier are [bundled with llhttp v6.0.6](https://github.com/aio-libs/aiohttp/blob/v3.8.4/.gitmodules), which is vulnerable to CVE-2023-30589. aiohttp uses the vulnerable code for its HTTP request parser when it is available, which is the default case when installing from a wheel. This vulnerability only affects users of aiohttp as an HTTP server (i.e. `aiohttp.Application`); you are not affected if you use aiohttp only as an HTTP client library (i.e. `aiohttp.ClientSession`).

### Reproducer

```python
from aiohttp import web


async def example(request: web.Request):
    headers = dict(request.headers)
    body = await request.content.read()
    return web.Response(text=f"headers: {headers} body: {body}")


app = web.Application()
app.add_routes([web.post('/', example)])
web.run_app(app)
```

Sending a crafted HTTP request will cause the server to misinterpret one of the HTTP header values, leading to HTTP request smuggling.

```console
$ ...
```