Security
Headlines
HeadlinesLatestCVEs

Tag

#php

ABB Cylon Aspect 3.08.01 mapConfigurationDownload.php Configuration Download

ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated configuration download vulnerability. This can be exploited to download the SQLite DB that contains the configuration mappings information via the FTControlServlet by directly calling the mapConfigurationDownload.php script.

Packet Storm
Open in Source
#sql#vulnerability#web#google#linux#apache#java#intel#php#auth#ssl
ABB Cylon Aspect 3.08.01 (mapConfigurationDownload.php) Config Download

The ABB BMS/BAS controller suffers from an unauthenticated configuration download vulnerability. This can be exploited to download the SQLite DB that contains the configuration mappings information via the FTControlServlet by directly calling the mapConfigurationDownload.php script.

GHSA-4r7v-whpg-8rx3: changedetection.io has a Server Side Template Injection using Jinja2 which allows Remote Command Execution

### Summary A Server Side Template Injection in changedetection.io caused by usage of unsafe functions of Jinja2 allows Remote Command Execution on the server host. ### Details changedetection.io version: 0.45.20 ``` docker images REPOSITORY TAG IMAGE ID CREATED SIZE dgtlmoon/changedetection.io latest 53529c2e69f1 44 hours ago 423MB ``` The vulnerability is caused by the usage of vulnerable functions of Jinja2 template engine. ```python from jinja2 import Environment, BaseLoader ... # Get the notification body from datastore jinja2_env = Environment(loader=BaseLoader) n_body = jinja2_env.from_string(n_object.get('notification_body', '')).render(**notification_parameters) n_title = jinja2_env.from_string(n_object.get('notification_title', '')).render(**notification_parameters) ``` ### PoC 1. Create/Edit a URL watch item 2. Under *Notifications* tab insert this payload: ```python {{ self.__init__.__globa...

ABB Cylon Aspect 3.08.00 sslCertAjax.php Remote Command Execution

ABB Cylon Aspect version 3.08.00 suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the country, state, locality, organization, and hostname HTTP POST parameters called by the sslCertAjax.php script.

WatchGuard XTM Firebox 12.5.x Buffer Overflow

WatchGuard XTM Firebox version 12.5.x suffers from a buffer overflow vulnerability.

Serious Adversaries Circle Ivanti CSA Zero-Day Flaws

Suspected nation-state actors are spotted stringing together three different zero-days in the Ivanti Cloud Services Application to gain persistent access to a targeted system.

ABB Cylon Aspect 3.08.00 (sslCertAjax.php) Remote Code Execution

The ABB BMS/BAS controller suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the 'country', 'state', 'locality', 'organization', and 'hostname' HTTP POST parameters called by the sslCertAjax.php script.

ABB Cylon Aspect 3.08.00 yumSettings.php Command Injection

ABB Cylon Aspect version 3.08.00 suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the PROXY HTTP POST parameter called by the yumSettings.php script.

WordPress File Manager Advanced Shortcode 2.3.2 Code Injectin / Shell Upload

WordPress File Manager Advanced Shortcode plugin version 2.3.2 suffers from a code injection vulnerability that allows for remote shell upload.