Security
Headlines
HeadlinesLatestCVEs

Tag

#rce

GHSA-5grx-v727-qmq6: 1Panel has an SQL injection issue related to the orderBy clause

### Summary There are many sql injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. The proof is as follows ### Details (one of them ) <img width="697" alt="image" src="https://github.com/1Panel-dev/1Panel/assets/129351704/895b7b43-9bc0-44b3-9c84-24c2dcc962da"> <img width="936" alt="image" src="https://github.com/1Panel-dev/1Panel/assets/129351704/1b8eb866-9865-4bef-a359-53335d709157"> <img width="684" alt="image" src="https://github.com/1Panel-dev/1Panel/assets/129351704/e865d6d0-7ecb-49f7-b4a2-f1b0bc407986"> ### PoC curl 'http://api:30455/api/v1/hosts/command/search' {"page":1,"pageSize":10,"groupID":0,"orderBy":"**3**","order":"ascending","name":"a"} <img width="664" alt="image" src="https://github.com/1Panel-dev/1Panel/assets/129351704/250d5a2a-cb32-44dc-9831-86dbc2f2b43f"> for example as picture . just change orderby‘s num we can know How many columns does the data table have.Parameters require stri...

ghsa
Open in Source
#sql#git#rce#ssl
TAG-100: New Threat Actor Uses Open-Source Tools for Widespread Attacks

Unknown threat actors have been observed leveraging open-source tools as part of a suspected cyber espionage campaign targeting global government and private sector organizations. Recorded Future's Insikt Group is tracking the activity under the temporary moniker TAG-100, noting that the adversary likely compromised organizations in at least ten countries across Africa, Asia, North America,

Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager

Cisco has released patches to address a maximum-severity security flaw impacting Smart Software Manager On-Prem (Cisco SSM On-Prem) that could enable a remote, unauthenticated attacker to change the password of any users, including those belonging to administrative users. The vulnerability, tracked as CVE-2024-20419, carries a CVSS score of 10.0. "This vulnerability is due to improper

Xenforo 2.2.15 Remote Code Execution

XenForo versions 2.2.15 and below suffer from a remote code execution vulnerability in the Template system.

XenForo 2.2.15 Cross Site Request Forgery

XenForo versions 2.2.15 and below suffer from a cross site request forgery vulnerability in Widget::actionSave.

Red Hat Security Advisory 2024-4583-03

Red Hat Security Advisory 2024-4583-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-4579-03

Red Hat Security Advisory 2024-4579-03 - An update for git is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

GHSA-6523-jf4r-c962: Apache StreamPipes has potential remote code execution (RCE) via file upload

Unrestricted Upload of File with dangerous type vulnerability in Apache StreamPipes. Such a dangerous type might be an executable file that may lead to a remote code execution (RCE). The unrestricted upload is only possible for authenticated and authorized users. This issue affects Apache StreamPipes: through 0.93.0. Users are recommended to upgrade to version 0.95.0, which fixes the issue.

Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAP

Threat actors are actively exploiting a recently disclosed critical security flaw impacting Apache HugeGraph-Server that could lead to remote code execution attacks. Tracked as CVE-2024-27348 (CVSS score: 9.8), the vulnerability impacts all versions of the software before 1.3.0. It has been described as a remote command execution flaw in the Gremlin graph traversal language API. "Users are

Red Hat Security Advisory 2024-4554-03

Red Hat Security Advisory 2024-4554-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include code execution and use-after-free vulnerabilities.