CVE-2020-9514
An issue was discovered in the IMPress for IDX Broker plugin before 2.6.2 for WordPress. wrappers.php allows a logged-in user (with the Subscriber role) to permanently delete arbitrary posts and pages, create new posts...
An improper authorization vulnerability in FortiADC may allow a remote authenticated user with low privileges to perform certain actions such as rebooting the system. Date published : 2020-04-07 https://fortiguard.com/psirt/FG-IR-20-013
Untrusted Search Path vulnerability in Bitdefender High-Level Antimalware SDK for Windows allows an attacker to load third party code from a DLL library in the search path. This issue affects: Bitdefender High-Level Antimalware SDK...
sds through 3.2.0 is vulnerable to Prototype Pollution. The library could be tricked into adding or modifying properties of the `Object.prototype` by abusing the `set` function located in `js/set.js`. Date published : 2020-04-07 https://github.com/monsterkodi/sds/blob/master/js/set.js#L31 https://snyk.io/vuln/SNYK-JS-SDS-564123
express-mock-middleware through 0.0.6 is vulnerable to Prototype Pollution. Exported functions by the package can be tricked into adding or modifying properties of the `Object.prototype`. Exploitation of this vulnerability requires creation of a new directory...
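The two prototype-pollution entries above (sds and express-mock-middleware) both describe a deep "set" helper that can be steered onto `Object.prototype`. The following is an added example, not code from either project: a minimal vulnerable `unsafeSet` of that shape beside a hardened `safeSet`, with a constructed attacker path. The path and value are assumed to be attacker-controlled, for instance parsed from a JSON body or query string.

```javascript
// Added example (not code from sds or express-mock-middleware): a deep "set"
// helper of the shape the advisories describe, beside a hardened version.
// `path` and `value` are assumed attacker-controlled (e.g. from a parsed body).

// Vulnerable: walks whatever `path` names, including the inherited
// `__proto__` property, so "__proto__.x" writes onto Object.prototype.
function unsafeSet(target, path, value) {
  const keys = path.split('.');
  let node = target;
  for (let i = 0; i < keys.length - 1; i++) {
    if (typeof node[keys[i]] !== 'object' || node[keys[i]] === null) {
      node[keys[i]] = {};
    }
    node = node[keys[i]];
  }
  node[keys[keys.length - 1]] = value;
  return target;
}

// Hardened: reject the keys that reach a prototype, and only descend into
// properties the current node actually owns, never inherited ones.
const FORBIDDEN_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

function safeSet(target, path, value) {
  const keys = path.split('.');
  if (keys.some((k) => FORBIDDEN_KEYS.has(k))) {
    throw new Error(`refusing reserved key in path "${path}"`);
  }
  let node = target;
  for (let i = 0; i < keys.length - 1; i++) {
    const own = Object.prototype.hasOwnProperty.call(node, keys[i]);
    if (!own || typeof node[keys[i]] !== 'object' || node[keys[i]] === null) {
      node[keys[i]] = {};
    }
    node = node[keys[i]];
  }
  node[keys[keys.length - 1]] = value;
  return target;
}

// Constructed attacker input: the same path is sent to both helpers.
const MALICIOUS_PATH = '__proto__.isAdmin';

function demo() {
  unsafeSet({}, MALICIOUS_PATH, true);
  // Every object in the process now inherits isAdmin === true, including
  // objects created afterwards that have nothing to do with the target.
  const leaked = ({}).isAdmin === true;
  delete Object.prototype.isAdmin; // undo the pollution so nothing else is affected

  let blocked = false;
  try {
    safeSet({}, MALICIOUS_PATH, true);
  } catch (e) {
    blocked = true;
  }
  return { leaked, blocked, clean: ({}).isAdmin === undefined };
}

console.log(demo()); // { leaked: true, blocked: true, clean: true }
```

The own-property check matters as much as the deny-list: without it, a key that is not on the list but resolves to an inherited object (for example a getter added by another library) would still be walked into. Blocking `constructor` outright also rejects that string as a legitimate key, which is the usual trade-off for generic setters.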
fsa through 0.5.1 is vulnerable to Command Injection. The first argument of `execGitCommand()`, located within `lib/rep.js#63`, can be controlled by users without any sanitization to inject arbitrary commands. Date published : 2020-04-07 https://github.com/gregof/fsa/blob/master/lib/rep.js#L12 https://snyk.io/vuln/SNYK-JS-FSA-564118
npm-programmatic through 0.0.12 is vulnerable to Command Injection. The packages and option properties are concatenated together without any validation and are used by the `exec` function directly. Date published : 2020-04-07 https://github.com/Manak/npm-programmatic/blob/master/index.js#L18 https://snyk.io/vuln/SNYK-JS-NPMPROGRAMMATIC-564115
clamscan through 1.2.0 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the `_is_clamav_binary` function located within `Index.js`. It should be noted that this vulnerability requires a pre-requisite...
Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restricted directories. Honeywell has released a firmware update to address the problem....
An improper neutralization of input vulnerability in the dashboard of FortiADC may allow an authenticated attacker to perform a cross site scripting attack (XSS) via the name parameter. Date published : 2020-04-07 https://fortiguard.com/psirt/FG-IR-20-012
A cross-site scripting (XSS) vulnerability in the index page of the CLink Office 2.0 management console allows remote attackers to inject arbitrary web script or HTML via the lang parameter. Date published : 2020-04-07...
Classic buffer overflow in SolarWinds Dameware allows a remote, unauthenticated attacker to cause a denial of service by sending a large ‘SigPubkeyLen’ during ECDH key exchange. Date published : 2020-04-07 https://www.tenable.com/security/research/tra-2020-19
MH-WikiBot (an IRC Bot for interacting with the Miraheze API), had a bug that allowed any unprivileged user to access the steward commands on the IRC interface by impersonating the Nickname used by a...
Multiple form validation endpoints in Jenkins useMango Runner Plugin 1.4 and earlier do not escape values received from the useMango service, resulting in a cross-site scripting (XSS) vulnerability exploitable by users able to control...