CVE-2019-10064
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed...
The Export Users to CSV plugin through 1.4.2 for WordPress allows CSV Injection. Date published : 2020-02-28 https://wpvulndb.com/vulnerabilities/10094 https://www.getastra.com/blog/911/plugin-exploit/csv-injection-in-export-users-to-csv-wordpress-plugin/
An issue was discovered in EyesOfNetwork eonweb 5.1 through 5.3 before 5.3-3. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to perform various tasks such as authentication bypass...
Centreon 19.10 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the server_ip field in JSON data in an api/internal.php?object=centreon_configuration_remote request. Date published : 2020-02-28 https://code610.blogspot.com/2020/02/postauth-rce-in-centreon-1910.html
Multiple Stored Cross-site scripting (XSS) vulnerabilities in the Webnus Modern Events Calendar Lite plugin through 5.1.6 for WordPress allow remote authenticated users (with minimal permissions) to inject arbitrary JavaScript, HTML, or CSS via Ajax...
An insecure random number generation vulnerability in BlaB! AX, BlaB! AX Pro, BlaB! WS (client), and BlaB! WS Pro (client) version 19.11 allows an attacker (with a guest or user session cookie) to escalate...
There is an XSS (cross-site scripting) vulnerability in GwtUpload 1.0.3 in the file upload functionality. Someone can upload a file with a malicious filename, which contains JavaScript code, which would result in XSS. Cross-site...
OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there. Date published : 2020-02-28 https://github.com/hessandrew/CVE-2020-9442
The Avast AV parsing engine allows virus-detection bypass via a crafted ZIP archive. This affects versions before 12 definitions 200114-0 of Antivirus Pro, Antivirus Pro Plus, and Antivirus for Linux. Date published : 2020-02-28...
Lack of input validation in pdf-image npm package version
Insufficient validation in cross-origin communication (postMessage) in reveal.js version 3.9.1 and earlier allows attackers to perform cross-site scripting attacks. Date published : 2020-02-28 https://hackerone.com/reports/691977
A reflected XSS vulnerability exists within the gateway, allowing an attacker to craft a specialized URL which could steal the user’s authentication token. When combined with CVE-2020-6803, an attacker could fully compromise the system....
An open redirect is present on the gateway’s login page, which could cause a user to be redirected to a malicious site after logging in. Date published : 2020-02-28 https://github.com/mozilla-iot/gateway/pull/2446
In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or `/r`, `/n`) to end the...