CVE-2017-6910
The HTTP and WebSocket engine components in the server in Kaazing Gateway before 4.5.3 hotfix-1, Gateway – JMS Edition before 4.0.5 hotfix-15, 4.0.6 before hotfix-4, 4.0.7, 4.0.9 before hotfix-19, 4.4.x before 4.4.2 hotfix-1, 4.5.x...
IBM DOORS Next Generation (DNG/RRC) 5.0, 5.0.1, 5.0.2, and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended...
An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation exactly 64K bytes of...
The REST API in CyberArk Password Vault Web Access before 9.9.5 and 10.x before 10.1 allows remote attackers to execute arbitrary code via a serialized .NET object in an Authorization HTTP header. Date published...
CyberArk Password Vault before 9.7 allows remote attackers to obtain sensitive information from process memory by replaying a logon message. Date published : 2018-04-12 http://www.securityfocus.com/archive/1/541931/100/0/threaded https://www.exploit-db.com/exploits/44428/
Cross-site scripting (XSS) vulnerability in Open-AudIT Professional 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name of a component, as demonstrated by the Admin->Logs section (with a logs?logs.type=...
exports/download.php in the 99 Robots WP Background Takeover Advertisements plugin before 4.1.5 for WordPress has Directory Traversal via a .. in the filename parameter. Date published : 2018-04-12 https://99robots.com/docs/wp-background-takeover-advertisements/ https://www.exploit-db.com/exploits/44417/
PHP Scripts Mall Student Profile Management System Script v2.0.6 has XSS via the Name field to list_student.php. Date published : 2018-04-12 https://0day4u.wordpress.com/2018/03/19/student-profile-management-system-script-stored-xss/
CSRF exists in student/personal-info in PHP Scripts Mall Online Tutoring Script 2.0.3. Date published : 2018-04-12 https://0day4u.wordpress.com/2018/03/12/97/
PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action. Date published : 2018-04-12 https://0day4u.wordpress.com/2018/03/12/car-rental-script-stored-xss/
PHP Scripts Mall Hot Scripts Clone Script Classified v3.1 uses the client side to enforce validation of an e-mail address, which allows remote attackers to modify a registered e-mail address by removing the validation...
PHP Scripts Mall Image Sharing Script 1.3.3 has XSS via the Full Name field in an Edit Profile action. Date published : 2018-04-12 https://0day4u.wordpress.com/2018/03/12/image-sharing-script-stored-xss/
PHP Scripts Mall Website Broker Script 3.0.6 has XSS via the Last Name field on the My Profile page. Date published : 2018-04-12 https://0day4u.wordpress.com/2018/03/12/website-broker-script-stored-xss/
PHP Scripts Mall Website Seller Script 2.0.3 uses the client side to enforce validation of an e-mail address, which allows remote attackers to modify a registered e-mail address by removing the validation code. Date...