Security
Headlines
HeadlinesLatestCVEs

Tag

#web

CVE-2023-41593: What is cross-site scripting (XSS) and how to prevent it? | Web Security Academy

Multiple cross-site scripting (XSS) vulnerabilities in Dairy Farm Shop Management System Using PHP and MySQL v1.1 allow attackers to execute arbitrary web scripts and HTML via a crafted payload injected into the Category and Category Field parameters.

CVE
Open in Source
#sql#xss#csrf#vulnerability#web#google#java#php#auth#chrome
CVE-2023-41609: CouchCMS v2.3 exists an open redirect vulnerability · Issue #190 · CouchCMS/CouchCMS

An open redirect vulnerability in the sanitize_url() parameter of CouchCMS v2.3 allows attackers to redirect a victim user to an arbitrary web site via a crafted URL.

CVE-2020-19318: dir_605L-stack-overflow/README.md at master · hhhhu8045759/dir_605L-stack-overflow

Buffer Overflow vulnerability in D-Link DIR-605L, hardware version AX, firmware version 1.17beta and below, allows authorized attackers execute arbitrary code via sending crafted data to the webserver service program.

WordPress Slimstat Analytics 5.0.9 Cross Site Scripting / SQL Injection

WordPress Slimstat Analytics plugin versions 5.0.9 and below suffer from cross site scripting and remote SQL injection vulnerabilities.

VMware vRealize Log Insight Unauthenticated Remote Code Execution

VMware vRealize Log Insights versions 8.x contain multiple vulnerabilities, such as directory traversal, broken access control, deserialization, and information disclosure. When chained together, these vulnerabilities allow a remote, unauthenticated attacker to execute arbitrary commands on the underlying operating system as the root user. This Metasploit module achieves code execution via triggering a RemotePakDownloadCommand command via the exposed thrift service after obtaining the node token by calling a GetConfigRequest thrift command. After the download, it will trigger a PakUpgradeCommand for processing the specially crafted PAK archive, which then will place the JSP payload under a certain API endpoint (pre-authenticated) location upon extraction for gaining remote code execution. Successfully tested against version 8.0.2.

Splunk Enterprise Account Takeover

Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14 allows low-privileged users who hold a role with edit_user capability assigned to it the ability to escalate their privileges to that of the admin user by providing specially crafted web requests.

Apple Security Advisory 2023-09-07-3

Apple Security Advisory 2023-09-07-3 - watchOS 9.6.2 addresses a malicious attachment vulnerability that could be used to execute arbitrary code.

Apple Security Advisory 2023-09-07-2

Apple Security Advisory 2023-09-07-2 - iOS 16.6.1 and iPadOS 16.6.1 addresses buffer overflow and code execution vulnerabilities.

OpenPLC Webserver 3 Denial Of Service / Buffer Overflow

A buffer overflow vulnerability in OpenPLC Runtime's webserver version 3 allows attackers to inject malicious code, leading to an internal server error that is irrecoverable. This also disables the ability to add any new slave devices through the "Add Slave Devices" component on the Modbus page of the application.

Shuttle Booking Software 1.0 SQL Injection

Shuttle Booking Software version 1.0 suffers from multiple remote SQL injection vulnerabilities.