CVE-2018-16234
MorningStar WhatWeb 0.4.9 has XSS via JSON report files. Date published : 2018-08-30 https://github.com/urbanadventurer/WhatWeb/issues/261
MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter. Date published : 2018-08-30 https://github.com/bg5sbk/MiniCMS/issues/22
Michael Roth Software Personal FTP Server (PFTP) through 8.4f allows remote attackers to cause a denial of service (daemon crash) via an unspecified sequence of FTP commands. Date published : 2018-08-30 https://hansesecure.de/vulnerability-remote-dos-in-personal-ftp-server/
The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the template_id parameter in a wp-admin/admin-ajax.php wpgv_doajax_front_template request. Date published : 2018-08-30 https://www.exploit-db.com/exploits/45255/ https://wpvulndb.com/vulnerabilities/9117
Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers’ installations and do not properly restrict access to this key, which makes it easier...
waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=cart&a=save item_totals parameter to zero, the entire...
PHPOK 4.8.278 has a Reflected XSS vulnerability in framework/www/login_control.php via the _back parameter to the ok_f function. Date published : 2018-08-30 https://unothing.github.io/posts/phpok48278/
ThinkCMF X2.2.3 has an arbitrary file deletion vulnerability in do_avatar in application\User\Controller\ProfileController.class.php via an imgurl parameter with a .. sequence. A member user can delete any file on a Windows server. Date published :...
The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service (memory consumption and daemon crash) via a ZIP bomb....
Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory Traversal, leading to File Disclosure via a ..%2F in the WEBACCOUNT.CGI RESULTPAGE parameter. Date published : 2018-08-30 https://www.exploit-db.com/exploits/45296/ http://hyp3rlinx.altervista.org/advisories/ARGUS-SURVEILLANCE-DVR-v4-UNAUTHENTICATED-PATH-TRAVERSAL-FILE-DISCLOSURE.txt
Insecure deserialization of a specially crafted serialized object, in CA Release Automation 6.5 and earlier, allows attackers to potentially execute arbitrary code. Date published : 2018-08-30 http://www.securityfocus.com/bid/105197 https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180829-03–security-notice-for-ca-release-automation.html
An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73,...
An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73,...
An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73,...
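Two of the entries above (the Argus DVR file disclosure via a URL-encoded `..%2F` in RESULTPAGE, and the ThinkCMF file deletion via `..` in imgurl) are the same bug class: a user-controlled path fragment is joined onto a base directory before any check that the result still lies inside it. The example below is added here and is not code from either project; the document root `/srv/dvr/www`, the function names and the sample inputs are all assumptions made for illustration. It shows the naive join beside a hardened resolver that decodes repeatedly (so double-encoded `%252e%252e` is caught), treats backslashes as separators (the ThinkCMF case is a Windows host), rejects NUL bytes, and compares the normalised result against the root.

```python
import os
from typing import Optional
from urllib.parse import unquote

# Hypothetical document root for the example; the real devices' paths are
# not on the page.
WEB_ROOT = "/srv/dvr/www"


def fully_decode(value: str, max_rounds: int = 3) -> str:
    """URL-decode until the string stops changing, so a double-encoded
    '%252e%252e' ends up as '..' instead of slipping past a single decode."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def vulnerable_resolve(result_page: str) -> str:
    """Naive handling: decode once and join onto the root. The traversal
    sequence '..%2F..%2F..%2Fetc%2Fpasswd' collapses to /etc/passwd."""
    return os.path.normpath(os.path.join(WEB_ROOT, unquote(result_page)))


def safe_resolve(result_page: str) -> Optional[str]:
    """Hardened handling: decode fully, reject NUL bytes, normalise, and
    require the result to stay strictly under WEB_ROOT. None means reject."""
    decoded = fully_decode(result_page)
    if not decoded or "\x00" in decoded:
        return None
    # Backslashes are separators on Windows hosts, so '..\' must be treated
    # exactly like '../' before normalisation.
    decoded = decoded.replace("\\", "/").lstrip("/")
    candidate = os.path.normpath(os.path.join(WEB_ROOT, decoded))
    if candidate == WEB_ROOT:
        return None  # the root directory itself is not a servable file
    # normpath has already collapsed '..' segments, so commonpath sees the
    # real target (e.g. /srv/dvr/etc/passwd) rather than the raw string.
    if os.path.commonpath([WEB_ROOT, candidate]) != WEB_ROOT:
        return None
    return candidate
```

The same `safe_resolve` check belongs in front of any unlink() call that takes a user-supplied name, which is the ThinkCMF case: rejecting the path is cheaper and safer than trying to blacklist `..` substrings, because encoding and separator variants are handled once, after decoding, by the filesystem-level comparison.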
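The Akka HTTP entry above (decodeRequest / decodeRequestWith crashing on a ZIP bomb) describes unbounded decompression of a request body: a few kilobytes of compressed input inflate to gigabytes and exhaust the heap. The example below is an added illustration in Python, not Akka's code or its fix, of the general defence: inflate with an explicit output budget and abort the moment the budget is crossed, rather than after the whole body has expanded. The 1 MiB limit, the helper names and the constructed gzip inputs are assumptions for the example.

```python
import gzip
import zlib


class DecodedTooLarge(Exception):
    """Raised when the inflated body would exceed the configured limit."""


def make_gzip_body(payload: bytes) -> bytes:
    """Constructed test input: a gzip stream for an arbitrary payload.
    A payload of repeated zero bytes is a crude bomb (ratio ~1000:1)."""
    return gzip.compress(payload, compresslevel=9)


def unsafe_decode(body: bytes) -> bytes:
    """Unbounded inflate: allocates whatever the stream expands to."""
    return gzip.decompress(body)


def bounded_decode(body: bytes, limit: int) -> bytes:
    """Inflate at most `limit` bytes. Each call asks zlib for no more than
    the remaining budget plus one byte, so a bomb is detected as soon as it
    crosses the limit and memory use stays bounded by `limit`."""
    d = zlib.decompressobj(wbits=16 + zlib.MAX_WBITS)  # gzip framing
    out = bytearray()
    pending = body
    while True:
        chunk = d.decompress(pending, max_length=limit - len(out) + 1)
        out += chunk
        if len(out) > limit:
            raise DecodedTooLarge(f"inflated body exceeds {limit} bytes")
        # Input zlib did not consume because max_length was reached.
        pending = d.unconsumed_tail
        if d.eof:
            break
        if not pending and not chunk:
            raise ValueError("truncated gzip stream")
    return bytes(out)


def rejects_bomb(body: bytes, limit: int) -> bool:
    """True when bounded_decode refuses the body as too large."""
    try:
        bounded_decode(body, limit)
    except DecodedTooLarge:
        return True
    return False
```

Note that checking Content-Length is no defence here: it describes the compressed size, which is tiny. The budget has to be enforced on the decoded byte count, and it should be at most the size the application is prepared to parse for that endpoint.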