Monthly Archive: August 2018

IBM Spectrum Symphony and Platform Symphony 7.1.2 and 7.2.0.2 could allow an authenticated user to execute arbitrary commands due to improper handling of user supplied input. IBM X-Force ID: 143622. Date published : 2018-08-01...

uploads/.htaccess in Subrion CMS 4.2.1 allows XSS because it does not block .html file uploads (but does block, for example, .htm file uploads). Date published : 2018-08-01 https://www.exploit-db.com/exploits/45150/ https://github.com/intelliants/subrion/commit/cb10ac2294cb2c3a6d2159f9a2bb8c58a2a10a47

rejucms 2.1 has stored XSS via the admin/book.php content parameter. Date published : 2018-08-01 https://github.com/ZBWACD/CodeAudit/blob/master/rejucms_v2.1

Subrion 4.2.1 is vulnerable to Improper Access control because user groups not having access to the Admin panel are able to access it (but not perform actions) if the Guests user group has access...

Subrion CMS v4.2.1 is vulnerable to Stored XSS because of no escaping added to the tooltip information being displayed in multiple areas. Date published : 2018-08-01 https://github.com/intelliants/subrion/issues/760 https://github.com/intelliants/subrion/pull/763/commits

An issue was discovered in DataLife Engine (DLE) through 13.0. An attacker can use XSS (related to the /addnews.html and /index.php?do=addnews URIs) to send a malicious script to unsuspecting Admins or users. Date published...

Click Studios Passwordstate before 8.3 Build 8397 allows XSS by authenticated users via an uploaded HTML document. Date published : 2018-08-01 https://www.clickstudios.com.au/about/secure-code-data.aspx https://www.clickstudios.com.au/passwordstate-changelog.aspx

tss_alloc in sys/arch/i386/i386/gdt.c in OpenBSD 6.2 and 6.3 has a Local Denial of Service (system crash) due to incorrect I/O port access control on the i386 architecture. Date published : 2018-08-01 http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/arch/i386/i386/gdt.c http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/arch/i386/i386/gdt.c.diff?r1=1.37&r2=1.37.8.1&f=h

A vulnerability in the administration console of Micro Focus GroupWise prior to version 18.0.2 may allow a remote attacker authenticated as an administrator to upload files to an arbitrary path on the server. In...

Authorized users of the openbuildservice before 2.9.4 could delete packages by using a malicious request against projects having the OBS:InitializeDevelPackage attribute, a similar issue to CVE-2018-7689. Date published : 2018-08-01 https://bugzilla.suse.com/show_bug.cgi?id=1100217 https://github.com/openSUSE/open-build-service/commit/f57b660f49f830006766a8d4abc3b4af6e178063

openSUSE openbuildservice before 9.2.4 allowed authenticated users to delete packages on specific projects with project links. Date published : 2018-08-01 http://www.securityfocus.com/bid/104958 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2018-12466

Dell EMC NetWorker versions between 9.0 and 9.1.1.8 through 9.2.1.3, and the version 18.1.0.1 contain a Clear-Text authentication over network vulnerability in the Rabbit MQ Advanced Message Queuing Protocol (AMQP) component. User credentials are...

It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used....

A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to...