Security
Headlines
HeadlinesLatestCVEs

Tag

#webkit

Webedition CMS 2.9.8.8 Remote Code Execution

Webedition CMS version 2.9.8.8 suffers from a remote code execution vulnerability.

Packet Storm
Open in Source
#vulnerability#web#windows#apple#linux#php#rce#auth#chrome#webkit
Webutler 3.2 Shell Upload

Webutler version 3.2 suffers from a remote shell upload vulnerability.

CVE-2023-38948: jizhi CMS 1.9.5 has a Arbitrary File Download RCE vulnerability via /A/c/PluginsController.php · Issue #I7LI4E · Pwn师傅/Pwn - Gitee.com

An arbitrary file download vulnerability in the /c/PluginsController.php component of jizhi CMS 1.9.5 allows attackers to execute arbitrary code via downloading a crafted plugin.

CVE-2023-36121: OffSec’s Exploit Database Archive

Cross Site Scripting vulnerability in e107 v.2.3.2 allows a remote attacker to execute arbitrary code via the description function in the SEO project.

Ubuntu Security Notice USN-6264-1

Ubuntu Security Notice 6264-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

GHSA-8www-cffh-4q98: Anyone with a share link can RESET all website data in Umami

### Summary Anyone with a share link (permissions to view) can reset the website data. ### Details When a user navigates to a `/share/` URL, he receives a share token which is used for authentication. This token is later verified by `useAuth`. After the token is verified, the user can call most of the `GET` APIs that allow fetching stats about a website. The `POST /reset` endpoint is secured using `canViewWebsite` which is the incorrect verification for such destructive action. This makes it possible to completly reset all website data ONLY with view permissions - [permalink](https://github.com/umami-software/umami/blob/7bfbe264852558a148c7741f8637ff2b266d48cd/pages/api/websites/%5Bid%5D/reset.ts#L22) ### PoC ```bash curl -X POST 'https://analytics.umami.is/api/websites/b8250618-ccb5-47fb-8350-31c96169a198/reset' \ -H 'authority: analytics.umami.is' \ -H 'accept: application/json' \ -H 'accept-language: en-US,en;q=0.9' \ -H 'authorization: Bearer undefined' \ -H 'cache-co...

CVE-2023-38410: About the security content of macOS Ventura 13.5

The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A user may be able to elevate privileges.

CVE-2023-38597: About the security content of Safari 16.6

The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, Safari 16.6. Processing web content may lead to arbitrary code execution.

CVE-2023-37450: About the security content of Safari 16.5.2

The issue was addressed with improved checks. This issue is fixed in watchOS 9.6, iOS 16.6 and iPadOS 16.6, Safari 16.5.2, macOS Ventura 13.5, tvOS 16.6. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

CVE-2023-32437: About the security content of iOS 16.6 and iPadOS 16.6

The issue was addressed with improvements to the file handling protocol. This issue is fixed in iOS 16.6 and iPadOS 16.6. An app may be able to break out of its sandbox.