Security
Headlines
HeadlinesLatestCVEs

Tag

#php

WBCE CMS 1.6.1 Cross Site Scripting

WBCE CMS version 1.6.1 suffers from a cross site scripting vulnerability.

Packet Storm
Open in Source
#xss#vulnerability#web#windows#apple#linux#js#git#java#php#auth#chrome#webkit
GHSA-cjmm-x9x9-m2w5: Craft CMS stored XSS in review volume

### Summary XSS can be triggered by review volumes ### PoC 1. Access setting tab 2. Create new assets 3. In assets name inject payload: "<script>alert(1337)</script> 4. Click Utilities tab 5. Choose all volumes, or volume trigger xss 6. Click Update asset indexes. 7. Wait to assets update success. 8. Progress complete. 9. Click on review button will trigger XSS ### Root cause Function: index.php?p=admin/actions/asset-indexes/process-indexing-session&v=1680710595770 After loading completed, progess will load: "skippedEntries" and "missingEntries" These parameters is not yet filtered, I just tried "skippedEntries" but I think it will be work with "missingEntries" ### My reponse: { "session": { "id": 10, "indexedVolumes": { "6": "\"<script>alert(1337)</script>" }, "totalEntries": 2235, "processedEntries": 2235, "cacheRemoteImages": true, "listEmptyFolders": false, "isCli": false, "actionRequired": true, ...

What is a web shell?

What are web shells? And why are attackers increasingly using them in their campaigns? We break it down in this blog.

CVE-2023-33750: There is a cross site scripting (XSS) vulnerability exists in mipjz v5.0.5 · Issue #15 · sansanyun/mipjz

A stored cross-site scripting (XSS) vulnerability in mipjz v5.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description parameter at /index.php?s=/article/ApiAdminArticle/itemAdd.

CVE-2023-33751: There is a cross site scripting (XSS) vulnerability exists in mipjz v5.0.5 · Issue #14 · sansanyun/mipjz

A stored cross-site scripting (XSS) vulnerability in mipjz v5.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter at /app/tag/controller/ApiAdminTagCategory.php.

WordPress Beautiful Cookie Consent Banner 2.10.1 Cross Site Scripting

WordPress Beautiful Cookie Consent Banner versions 2.10.1 and below suffer from an unauthenticated persistent cross site scripting vulnerability.

2023 Online Course Registration 1.0 SQL Injection

2023 Online Course Registration version 1.0 suffers from a remote SQL Injection vulnerability that allows for authentication bypass.

Service Provider Management System 1.0 SQL Injection

Service Provider Management System version 1.0 suffers from a remote SQL injection vulnerability.

CVE-2023-2888

A vulnerability, which was classified as problematic, was found in PHPOK 6.4.100. This affects an unknown part of the file /admin.php?c=upload&f=zip&_noCache=0.1683794968. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The identifier VDB-229953 was assigned to this vulnerability.

CVE-2023-2734: flutter-woo.php in mstore-api/tags/3.9.0/controllers – WordPress Plugin Repository

The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.1. This is due to insufficient verification on the user being supplied during the cart sync from mobile REST API request through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user id.