MonoX through 5.1.40.5152 allows admins to execute arbitrary programs by reconfiguring the Converter Executable setting from ffmpeg.exe to a different program. Date published : 2020-04-29 https://github.com/belong2yourself/vulnerabilities/tree/master/MonoX%20CMS/Privilege%20Escalation%20via%20ConvertVideo
MonoX through 5.1.40.5152 allows stored XSS via User Status, Blog Comments, or Blog Description. Date published : 2020-04-29 https://github.com/belong2yourself/vulnerabilities/tree/master/MonoX%20CMS/Multiple%20Cross-Site-Scripting
MonoX through 5.1.40.5152 allows remote code execution via HTML5Upload.ashx or Pages/SocialNetworking/lng/en-US/PhotoGallery.aspx because of deserialization in ModuleGallery.HTML5Upload, ModuleGallery.SilverLightUploadModule, HTML5Upload, and SilverLightUploadHandler. Date published : 2020-04-29 https://github.com/belong2yourself/vulnerabilities/tree/master/MonoX%20CMS/Remote%20Code%20Execution%20via%20Insecure%20Deserialization
MonoX through 5.1.40.5152 allows administrators to execute arbitrary code by modifying an ASPX template. Date published : 2020-04-29 https://github.com/belong2yourself/vulnerabilities/tree/master/MonoX%20CMS/Privilege%20Escalation%20via%20Template%20Modification
admin/blocks.php in Subrion CMS through 4.2.1 allows PHP Object Injection (with resultant file deletion) via serialized data in the subpages value within a block to blocks/edit. Date published : 2020-04-29 https://github.com/belong2yourself/vulnerabilities/tree/master/Subrion%20CMS/Insecure%20Deserialization/Subpages%20-%20Authenticated%20PHP%20Object%20Injection
Subrion CMS 4.2.1 allows CSV injection via a phrase value within a language. This is related to phrases/add/ and languages/download/. Date published : 2020-04-29 https://github.com/belong2yourself/vulnerabilities/tree/master/Subrion%20CMS/CSV%20Injection
Subrion CMS 4.2.1 allows session fixation via an alphanumeric value in a session cookie. Date published : 2020-04-29 https://github.com/belong2yourself/vulnerabilities/tree/master/Subrion%20CMS/Session%20Fixation
An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages. Date published :...
usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925. Date published : 2020-04-29 https://security.netapp.com/advisory/ntap-20200608-0001/ https://www.debian.org/security/2020/dsa-4698
The ninja-forms plugin before 3.4.24.2 for WordPress allows CSRF with resultant XSS. Date published : 2020-04-29 Ninja Forms – The Contact Form Builder That Grows With You
PHP-Fusion 9.03.50 allows SQL Injection because maincore.php has an insufficient protection mechanism. An attacker can develop a crafted payload that can be inserted into the sort_order GET parameter on the members.php members search page....
In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable. Date published : 2020-04-29 https://access.redhat.com/security/cve/CVE-2020-12459 https://bugzilla.redhat.com/show_bug.cgi?id=1829724
An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information (e.g., cleartext or encrypted datasource passwords)....
The ene.sys driver in G.SKILL Trident Z Lighting Control through 1.00.08 exposes mapping and un-mapping of physical memory, reading and writing to Model Specific Register (MSR) registers, and input from and output to I/O...