CVE-2018-16513
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact. Date published :...
An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other...
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect exec stack handling in the "CS" and "SC" PDF primitives could be used by remote attackers able to supply crafted PDFs to crash the...
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the...
Gxlcms 2.0 before bug fix 20180915 has Directory Traversal exploitable by an administrator. Date published : 2018-09-05 http://bbs.gxlcms.com/forum.php?mod=viewthread&tid=787&extra=page%3D1 http://www.ttk7.cn/post-78.html
Gxlcms 2.0 before bug fix 20180915 has SQL Injection exploitable by an administrator. Date published : 2018-09-05 http://bbs.gxlcms.com/forum.php?mod=viewthread&tid=787&extra=page%3D1 http://www.ttk7.cn/post-77.html
e107 2.1.8 has XSS via the e107_admin/users.php?mode=main&action=list user_loginname parameter. Date published : 2018-09-05 https://github.com/dhananjay-bajaj/E107-v2.1.8-XSS-POC
An issue was discovered in BTITeam XBTIT 2.5.4. news.php allows XSS via the id parameter. Date published : 2018-09-05 https://github.com/btiteam/xbtit/pull/58 https://rastating.github.io/xbtit-multiple-vulnerabilities/
An "Out-of-band resource load" issue was discovered on Xiaomi MIWiFi Xiaomi_55DD Version 2.8.50 devices. It is possible to induce the application to retrieve the contents of an arbitrary external URL and return those contents...
FsPro Labs Event Log Explorer 4.6.1.2115 has ".elx" FileType XML External Entity Injection. Date published : 2018-09-05 https://www.exploit-db.com/exploits/45319/ http://hyp3rlinx.altervista.org/advisories/FSPRO-LABS-EVENT-LOG-EXPLORER-XML-INJECTION-INFO-DISCLOSURE.txt
The diagnosticsb2ksy parameter of the /rest endpoint in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to Cross-Site Scripting. Date published : 2018-09-05 https://knowledge.opsview.com/v5.3/docs/whats-new https://knowledge.opsview.com/v5.4/docs/whats-new
The data parameter of the /settings/api/router endpoint in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to Cross-Site Scripting. Date published : 2018-09-05 https://knowledge.opsview.com/v5.3/docs/whats-new https://knowledge.opsview.com/v5.4/docs/whats-new
The web management console of Opsview Monitor 5.4.x before 5.4.2 provides functionality accessible by an authenticated administrator to test notifications that are triggered under certain configurable events. The value parameter is not properly sanitized,...
The /etc/init.d/opsview-reporting-module script that runs at boot time in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 invokes a file that can be edited by the nagios user, and would allow attackers to elevate...