CVE-2020-27782
A flaw was found in the Undertow AJP connector. Malicious requests and abrupt connection closes could be triggered by an attacker using query strings with non-RFC compliant characters resulting in a denial of service....
fastadmin V1.0.0.20200506_beta contains a cross-site scripting (XSS) vulnerability which may allow an attacker to obtain administrator credentials to log in to the background. Date published : 2021-02-23 https://github.com/BigTiger2020/Fastadmin-V1.0.0.20200506_beta https://github.com/BigTiger2020/Fastadmin-V1.0.0.20200506_beta/blob/main/README.md
The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator. Date...
Multiple buffer overflow vulnerabilities exist when LeviStudioU (Version 2019-09-21 and prior) processes project files. Opening a specially crafted project file could allow an attacker to exploit and execute code under the privileges of the...
A vulnerability was found in all versions of keycloak, where on using lower case HTTP headers (via cURL) we can bypass our Gatekeeper. Lower case headers are also accepted by some webservers (e.g. Jetty)....
An issue was discovered in RouterNanoHTTPD.java in NanoHTTPD through 2.3.1. The GeneralHandler class implements a basic GET handler that prints debug information as an HTML page. Any web server that extends this class without...
An arbitrary file upload vulnerability in the YITH WooCommerce Gift Cards Premium plugin before 3.3.1 for WordPress allows remote attackers to achieve remote code execution on the operating system in the security context of...
An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught,...
A stored XSS issue exists in Appspace 6.2.4. After a user is authenticated and enters an XSS payload under the groups section of the network tab, it is stored as the group name. Whenever...
The Contact page in Monica 2.19.1 allows stored XSS via the Nickname field. Date published : 2021-02-22 https://github.com/monicahq/monica/issues/4888 https://github.com/monicahq/monica/pull/4543
** DISPUTED ** Genymotion Desktop through 3.2.0 leaks the host’s clipboard data to the Android application by default. NOTE: the vendor’s position is that this is intended behavior that can be changed through the...
The Contact page in Monica 2.19.1 allows stored XSS via the Description field. Date published : 2021-02-22 https://github.com/monicahq/monica/issues/4888 https://github.com/monicahq/monica/pull/4543
The Contact page in Monica 2.19.1 allows stored XSS via the Last Name field. Date published : 2021-02-22 http://packetstormsecurity.com/files/161501/Monica-2.19.1-Cross-Site-Scripting.html https://github.com/monicahq/monica/issues/4888
The Contact page in Monica 2.19.1 allows stored XSS via the Middle Name field. Date published : 2021-02-22 https://github.com/monicahq/monica/issues/4888 https://github.com/monicahq/monica/pull/4543