Monthly Archive: August 2018

Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states ‘We...

In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code. Date published : 2018-08-28 http://www.securityfocus.com/bid/105122...

e107 2.1.8 has CSRF in ‘usersettings.php’ with an impact of changing details such as passwords of users including administrators. Date published : 2018-08-28 https://github.com/dhananjay-bajaj/e107_2.1.8_csrf

PHP Scripts Mall Website Seller Script 2.0.5 allows remote attackers to cause a denial of service via crafted JavaScript code in the First Name, Last Name, Company Name, or Fax field, as demonstrated by...

PHP Scripts Mall Website Seller Script 2.0.5 has XSS via Personal Address or Company Name. Date published : 2018-08-28 https://gkaim.com/cve-2018-15896-vikas-chaudhary/

RICOH MP C4504ex devices allow HTML Injection via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter. Date published : 2018-08-28 https://www.exploit-db.com/exploits/45264/ http://packetstormsecurity.com/files/149082/RICOH-MP-C4504ex-Cross-Site-Request-Forgery.html

An issue was discovered in Joomla! before 3.8.12. Inadequate checks in the InputFilter class could allow specifically prepared phar files to pass the upload filter. Date published : 2018-08-28 http://www.securityfocus.com/bid/105166 https://developer.joomla.org/security-centre/743-20180801-core-hardening-the-inputfilter-for-phar-stubs.html

An issue was discovered in Joomla! before 3.8.12. Inadequate checks regarding disabled fields can lead to an ACL violation. Date published : 2018-08-28 http://www.securityfocus.com/bid/105161 https://developer.joomla.org/security-centre/745-20180803-core-acl-violation-in-custom-fields.html

An issue was discovered in Joomla! before 3.8.12. Inadequate output filtering on the user profile page could lead to a stored XSS attack. Date published : 2018-08-28 http://www.securityfocus.com/bid/105164 https://developer.joomla.org/security-centre/744-20180802-core-stored-xss-vulnerability-in-the-frontend-profile.html

A SQL Injection issue was discovered in Sentrifugo 3.2 via the deptid parameter. Date published : 2018-08-28 https://hackpuntes.com/cve-2018-15873-sentrifugo-hrms-3-2-blind-sql-injection/

D-Link DIR-615 devices have a buffer overflow via a long Authorization HTTP header. Date published : 2018-08-28 https://www.exploit-db.com/exploits/45317/ D-Link DIR-615 – BUFFER OVERFLOW VIA A LONG AUTHORIZATION HTTP HEADER [CVE-2018-15839] (Click Here):

Zoho ManageEngine ADManager Plus 6.5.7 has XSS on the "Workflow Delegation" "Requester Roles" screen. Date published : 2018-08-28 https://www.exploit-db.com/exploits/45256/ http://packetstormsecurity.com/files/149097/ManageEngine-ADManager-Plus-6.5.7-Cross-Site-Scripting.html

Zoho ManageEngine ADManager Plus 6.5.7 allows HTML Injection on the "AD Delegation" "Help Desk Technicians" screen. Date published : 2018-08-28 https://www.exploit-db.com/exploits/45254/

An issue was discovered in inc/class_feedgeneration.php in MyBB 1.8.17. On the forum RSS Syndication page, one can generate a URL such as http://localhost/syndication.php?fid=&type=atom1.0&limit=15. The thread titles (within title elements of the generated XML documents)...