CVE-2018-10374
EasyCMS 1.3 has XSS via the s POST parameter (aka a search box value) in an index.php?s=/index/search/index.html request. Date published : 2018-04-25 https://github.com/teameasy/EasyCMS/issues/1
concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via...
process_cu_tu_index in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted binary file, as demonstrated by readelf. Date published :...
An issue was discovered in WUZHI CMS 4.1.0. The "Extension Module -> System Announcement" feature has Stored XSS via an announcement. Date published : 2018-04-25 https://github.com/wuzhicms/wuzhicms/issues/136
An issue was discovered in WUZHI CMS 4.1.0. The content-management feature has Stored XSS via the title or content section. Date published : 2018-04-25 https://github.com/wuzhicms/wuzhicms/issues/135
An issue was discovered in the Users (aka Front-end user management) plugin 1.4.5 for October CMS. XSS exists in the name field. Date published : 2018-04-25 https://github.com/rainlab/user-plugin/commit/098c2bc907443d67e9e18645f850e3de42941d20 https://www.exploit-db.com/exploits/44546/
An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1. Due to loose comparison with ‘==’ instead of ‘===’ in classes/Authorization.php for the user-provided login password, it is possible to log in with a simpler password...
An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary files in the KTextEditor’s kauth_ktexteditor_helper service (as utilized in the Kate text editor) can allow other unprivileged users on the local...
A persistent cross-site scripting vulnerability has been identified in the web interface of the Catapult UK Cookie Consent plugin before 2.3.10 for WordPress that allows the execution of arbitrary HTML/script code in the context...
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is XSS in invitation mail received from a different user, who can modify the HTML in that mail before sending it. Date published...
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is improper authorization leading to creation of folders within another account via a modified device value. Date published : 2018-04-25 https://www.excellium-services.com/cert-xlm-advisory/cve-2018-10212/
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is improper authorization when listing the history of another user via a modified "vaultize_session_id" value in a cookie. Date published : 2018-04-25 CVE-2018-10211
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. Enumeration of users is possible through the password-reset feature. Date published : 2018-04-25 https://www.excellium-services.com/cert-xlm-advisory/cve-2018-10210/
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is Stored XSS on the file or folder download pop-up via a crafted file or folder name. Date published : 2018-04-25 CVE-2018-10209