CVE-2018-14392
The New Threads plugin before 1.2 for MyBB has XSS. Date published : 2018-07-18 https://www.exploit-db.com/exploits/45057/ https://community.mybb.com/mods.php?action=changelog&pid=1143
joyplus-cms 1.6.0 has SQL Injection via the manager/admin_ajax.php val parameter. Date published : 2018-07-18 https://github.com/joyplus/joyplus-cms/issues/430
joyplus-cms 1.6.0 has XSS via the manager/admin_ajax.php can_search_device array parameter. Date published : 2018-07-18 https://github.com/joyplus/joyplus-cms/issues/429
An issue was discovered in WonderCMS before 2.5.2. An attacker can create a new session on a web application and record the associated session identifier. The attacker then causes the victim to authenticate against...
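The WonderCMS entry above describes session fixation: an identifier issued before login keeps working after the victim authenticates with it. The following is an added illustration, not WonderCMS code, showing the vulnerable pattern next to the fix (rotate the session identifier on privilege change). The session store, the user table and the credentials are constructed for the demo.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional

# Constructed demo credentials; not taken from any real application.
USERS = {"alice": "correct horse battery staple"}


@dataclass
class Session:
    user: Optional[str] = None
    data: Dict[str, str] = field(default_factory=dict)


class SessionStore:
    """Minimal server-side session store used to contrast the two login flows."""

    def __init__(self) -> None:
        self._sessions: Dict[str, Session] = {}

    def create(self) -> str:
        """Anonymous session, as issued to any visitor (including the attacker)."""
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = Session()
        return sid

    def get(self, sid: str) -> Optional[Session]:
        return self._sessions.get(sid)

    @staticmethod
    def _credentials_ok(username: str, password: str) -> bool:
        return hmac.compare_digest(USERS.get(username, ""), password)

    def login_fixable(self, sid: str, username: str, password: str) -> str:
        """Vulnerable flow: authenticates in place, keeping the pre-login identifier.

        Whoever already knows sid (the attacker who planted it in the victim's
        browser) now holds an authenticated session for the victim.
        """
        sess = self._sessions.get(sid)
        if sess is None or not self._credentials_ok(username, password):
            raise PermissionError("unknown session or bad credentials")
        sess.user = username
        return sid

    def login_safe(self, sid: str, username: str, password: str) -> str:
        """Fixed flow: on authentication, discard the old identifier and issue a new one.

        The identifier the attacker planted is now dead, so it can no longer be
        used to reach the victim's authenticated session.
        """
        old = self._sessions.get(sid)
        if old is None or not self._credentials_ok(username, password):
            raise PermissionError("unknown session or bad credentials")
        del self._sessions[sid]
        new_sid = secrets.token_urlsafe(32)
        self._sessions[new_sid] = Session(user=username, data=dict(old.data))
        return new_sid


def demo() -> dict:
    """Play the fixation scenario against both flows and report who wins."""
    password = USERS["alice"]

    vulnerable = SessionStore()
    planted = vulnerable.create()                           # attacker records this id
    vulnerable.login_fixable(planted, "alice", password)    # victim logs in with it
    attacker_authenticated = vulnerable.get(planted).user == "alice"

    fixed = SessionStore()
    planted2 = fixed.create()
    fresh = fixed.login_safe(planted2, "alice", password)
    planted_still_valid = fixed.get(planted2) is not None

    return {
        "vulnerable_flow_hijacked": attacker_authenticated,
        "fixed_flow_hijacked": planted_still_valid,
        "id_rotated": fresh != planted2 and fixed.get(fresh).user == "alice",
    }


if __name__ == "__main__":
    print(demo())
```

The same rotation belongs at every privilege boundary (login, password change, role elevation), and the replacement identifier must come from a CSPRNG as shown, not from anything the client can predict or supply.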
InstantCMS 2.10.1 has /redirect?url= XSS. Date published : 2018-07-18 https://github.com/instantsoft/icms2/issues/892
Pagekit before 1.0.14 has a /user/login?redirect= open redirect vulnerability. Date published : 2018-07-18 https://github.com/pagekit/pagekit/issues/905 https://github.com/pagekit/pagekit/releases/tag/1.0.14
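Both the InstantCMS `/redirect?url=` XSS and the Pagekit `/user/login?redirect=` open redirect above come from trusting a user-supplied redirect target. The following validator is an added example, not code from either project, covering the tricks a practitioner checks for: non-http(s) schemes such as `javascript:`, protocol-relative `//host` targets, backslashes that browsers read as slashes, embedded control characters, and userinfo tricks like `https://example.com@evil.com`. The site origin and allowed-host list are constructed values for the demo.

```python
from urllib.parse import urljoin, urlsplit

# Constructed values for the demo: the site's own origin and the hosts a
# redirect may land on. A real deployment would load these from configuration.
SITE_BASE = "https://example.com/"
ALLOWED_HOSTS = frozenset({"example.com"})


def is_safe_redirect(target: str, base: str = SITE_BASE,
                     allowed_hosts=ALLOWED_HOSTS) -> bool:
    """Allow only http(s) redirects that resolve to an allowed host.

    Accepts site-relative paths ("/account") and absolute URLs on allowed
    hosts. Rejects empty targets, control characters, non-http(s) schemes
    (javascript:, data:), protocol-relative URLs (//evil.com), backslash
    variants browsers treat as slashes, and userinfo tricks.
    """
    if not target:
        return False
    t = target.strip()
    # strip() only removes leading/trailing whitespace; interior control
    # characters are how "java\tscript:" turns into javascript: in a browser.
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in t):
        return False
    # Browsers treat backslashes as forward slashes, so normalise before parsing.
    t = t.replace("\\", "/")
    try:
        parts = urlsplit(t)
        if parts.scheme and parts.scheme.lower() not in ("http", "https"):
            return False
        # Resolve the way a browser would against our own origin, then check
        # where the result actually lands rather than how the input looked.
        resolved = urlsplit(urljoin(base, t))
    except ValueError:
        # urlsplit raises on malformed input such as an unterminated IPv6 literal.
        return False
    if resolved.scheme.lower() not in ("http", "https"):
        return False
    return (resolved.hostname or "").lower() in allowed_hosts


if __name__ == "__main__":
    for candidate in ["/account", "//evil.com/", "javascript:alert(1)",
                      "https://example.com@evil.com/", "\\\\evil.com"]:
        print(f"{candidate!r}: {is_safe_redirect(candidate)}")
```

Resolving with `urljoin` against the site's own origin and then checking the resulting host is more robust than pattern-matching the raw parameter, because it judges the destination the browser will actually use. For the InstantCMS case, rejecting non-http(s) schemes is what removes the `javascript:` vector from a redirect endpoint.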
In Graylog before 2.4.6, XSS was possible in typeahead components, related to components/common/TypeAheadInput.jsx and components/search/QueryInput.ts. Date published : 2018-07-18 https://github.com/Graylog2/graylog2-server/pull/4904 https://www.graylog.org/post/announcing-the-release-of-graylog-2-4-6
MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service (memory corruption) or possibly...
The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter. A remote attacker can download configuration files or Java bytecodes from applications. Date published :...
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/airpdcap.c via bounds checking that prevents a buffer over-read. Date published : 2018-07-18 http://www.securityfocus.com/bid/104847...
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash. This was addressed in epan/dissectors/packet-http2.c by verifying that header data was found before proceeding to header decompression....
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too...
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the CoAP protocol dissector could crash. This was addressed in epan/dissectors/packet-coap.c by properly checking for a NULL condition. Date published : 2018-07-18 http://www.securityfocus.com/bid/104847 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14966
GitLab Community and Enterprise Edition before 10.7.7, 10.8.x before 10.8.6, and 11.x before 11.0.4 allows Directory Traversal with write access and resultant remote code execution via the GitLab projects import component. Date published :...
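The Mojarra `loc` parameter traversal (reading files outside the web application) and the GitLab project-import traversal (writing files outside the import directory) are both the same defect: a path built from untrusted input is used without confirming it still lies under the intended base directory. The following containment check and archive-extraction loop are an added example, not code from either project. The archive contents, directory names and symlink are constructed for the demo.

```python
import io
import os
import tarfile
import tempfile
from pathlib import Path


def resolve_inside(base_dir: str, untrusted: str) -> Path:
    """Resolve an attacker-controlled relative path under base_dir.

    Raises ValueError when the result lands outside base_dir. Path.resolve()
    collapses '..' segments and follows symlinks, so '..' escapes, absolute
    paths (Path discards base_dir when the right-hand side is absolute) and
    symlinks inside base_dir that point out are all caught by one comparison.
    """
    if "\x00" in untrusted:
        raise ValueError("NUL byte in path")
    base = Path(base_dir).resolve()
    candidate = (base / untrusted).resolve()
    if candidate != base and base not in candidate.parents:
        raise ValueError(f"{untrusted!r} escapes {base}")
    return candidate


def safe_extract(tar_bytes: bytes, dest_dir: str) -> list:
    """Extract regular-file members whose resolved path stays under dest_dir.

    Returns the member names that were skipped. Links and special files are
    deliberately not extracted in this example.
    """
    skipped = []
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:") as tf:
        for member in tf.getmembers():
            try:
                target = resolve_inside(dest_dir, member.name)
            except ValueError:
                skipped.append(member.name)
                continue
            if member.isfile():
                target.parent.mkdir(parents=True, exist_ok=True)
                with tf.extractfile(member) as src, open(target, "wb") as dst:
                    dst.write(src.read())
    return skipped


def build_sample_tar() -> bytes:
    """Constructed archive: two benign members and two traversal attempts."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        for name, payload in [("project/README", b"hello\n"),
                              ("project/../notes.txt", b"ok\n"),        # '..' that stays inside
                              ("../../escape.txt", b"owned\n"),          # climbs out of dest
                              ("project/../../escape2.txt", b"owned\n")]:  # climbs out via a subdir
            info = tarfile.TarInfo(name)
            info.size = len(payload)
            tf.addfile(info, io.BytesIO(payload))
    return buf.getvalue()


def demo() -> dict:
    """Run the extraction into a temp dir and probe the absolute-path and symlink cases."""
    with tempfile.TemporaryDirectory() as tmp:
        dest = os.path.join(tmp, "import")
        os.mkdir(dest)
        skipped = safe_extract(build_sample_tar(), dest)
        extracted = sorted(str(p.relative_to(dest))
                           for p in Path(dest).rglob("*") if p.is_file())

        try:
            resolve_inside(dest, "/etc/passwd")
            absolute_rejected = False
        except ValueError:
            absolute_rejected = True

        # A symlink inside dest pointing at its parent must not serve as a hop out.
        os.symlink(tmp, os.path.join(dest, "hop"))
        try:
            resolve_inside(dest, "hop/secret")
            symlink_blocked = False
        except ValueError:
            symlink_blocked = True

        return {"extracted": extracted, "skipped": skipped,
                "absolute_rejected": absolute_rejected,
                "symlink_blocked": symlink_blocked}


if __name__ == "__main__":
    print(demo())
```

The check is applied per member before any write, which is the property an importer needs; a string filter on `..` alone would have rejected the harmless `project/../notes.txt` and would still miss the symlink hop. The same `resolve_inside` call, with the web application root as `base_dir`, is the read-side check that a `loc`-style parameter needs.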