Security
Headlines
HeadlinesLatestCVEs

Tag

#webkit

CVE-2021-46360: 0days/Exploit.py at main · sartlabs/0days

Authenticated remote code execution (RCE) in Composr-CMS 10.0.39 and earlier allows remote attackers to execute arbitrary code via uploading a PHP shell through /adminzone/index.php?page=admin-commandr.

CVE
Open in Source
#csrf#web#windows#apple#ubuntu#linux#php#rce#auth#chrome#webkit
CVE-2021-24993: Changeset 2650578 – WordPress Plugin Repository

The Ultimate Product Catalog WordPress plugin before 5.0.26 does not have authorisation and CSRF checks in some AJAX actions, which could allow any authenticated users, such as subscriber to call them and add arbitrary products, or change the plugin's settings for example

CVE-2021-21937: TALOS-2021-1366 || Cisco Talos Intelligence Group

A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘host_alt_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.

CVE-2021-21921: TALOS-2021-1365 || Cisco Talos Intelligence Group

A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘name_filter’ parameter with the administrative account or through cross-site request forgery.

CVE-2021-21919: TALOS-2021-1364 || Cisco Talos Intelligence Group

A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ord’ parameter. However, the high privilege super-administrator account needs to be used to achieve exploitation without cross-site request forgery attack.

CVE-2021-21894: TALOS-2021-1337 || Cisco Talos Intelligence Group

A directory traversal vulnerability exists in the Web Manager FsTFtp functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to arbitrary file overwrite FsTFtp file disclosure. An attacker can make an authenticated HTTP request to trigger this vulnerability.

CVE-2021-21896: TALOS-2021-1338 || Cisco Talos Intelligence Group

A directory traversal vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to arbitrary file deletion. An attacker can make an authenticated HTTP request to trigger this vulnerability.

CVE-2021-21877: TALOS-2021-1315 || Cisco Talos Intelligence Group

Specially-crafted HTTP requests can lead to arbitrary command execution in “GET” requests. An attacker can make authenticated HTTP requests to trigger this vulnerability.

CVE-2021-43847: Authorization Bypass Through User-Controlled Key in humhub

HumHub is an open-source social network kit written in PHP. Prior to HumHub version 1.10.3 or 1.9.3, it could be possible for registered users to become unauthorized members of private Spaces. Versions 1.10.3 and 1.9.3 contain a patch for this issue.

CVE-2021-38508: Security Vulnerabilities fixed in Thunderbird 91.3

By displaying a form validity message in the correct location at the same time as a permission prompt (such as for geolocation), the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the permission. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.