CVE-2021-25780
An arbitrary file upload vulnerability has been identified in posts.php in Baby Care System 1.0. The vulnerability could be exploited by a remote attacker to upload content to the server, including PHP files, which...
Baby Care System v1.0 is vulnerable to SQL injection via the ‘id’ parameter on the contentsectionpage.php page. Date published : 2021-02-17 https://github.com/TCSWT/Baby-Care-System/blob/main/README.md
Privilege escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.8 allows an authenticated user to gain elevated privileges through the User Interface and execute commands on the appliance via improper neutralization of...
This affects all versions before 10.1.14 and from 10.2.0 to 10.2.4 of package com.typesafe.akka:akka-http-core. It allows multiple Transfer-Encoding headers. Date published : 2021-02-17 https://github.com/akka/akka-http/pull/3754%23issuecomment-779265201 https://snyk.io/vuln/SNYK-JAVA-COMTYPESAFEAKKA-1075043
Attackers can access the CGE account management function without privilege, elevate their permissions, and execute arbitrary commands or files after obtaining user permissions. Date published : 2021-02-17 https://www.chtsecurity.com/news/fe1e30ef-4dac-4848-a3c9-a7df12672422 https://www.twcert.org.tw/tw/cp-132-4396-e6d44-1.html
The CGE page with download function contains a Directory Traversal vulnerability. Attackers can use this flaw to download arbitrary system files. Date published : 2021-02-17 https://www.chtsecurity.com/news/fe1e30ef-4dac-4848-a3c9-a7df12672422 https://www.twcert.org.tw/tw/cp-132-4395-c01f7-1.html
The CGE property management system contains SQL Injection vulnerabilities. Remote attackers can inject SQL commands into the parameters in Cookie and obtain data in the database without privilege. Date published : 2021-02-17 https://www.chtsecurity.com/news/fe1e30ef-4dac-4848-a3c9-a7df12672422 https://www.twcert.org.tw/tw/cp-132-4394-76d41-1.html
The specific function of HR Portal of Soar Cloud System accepts any type of object to be deserialized. Attackers can send malicious serialized objects to execute arbitrary commands. Date published : 2021-02-17 https://www.chtsecurity.com/news/d334641f-2b28-4eab-a5ed-c6ec6740557e https://www.twcert.org.tw/tw/cp-132-4405-2ddde-1.html
The HR Portal of Soar Cloud System fails to filter specific parameters. Remote attackers can inject SQL syntax and obtain all data in the database without privilege. Date published : 2021-02-17 https://www.chtsecurity.com/news/d334641f-2b28-4eab-a5ed-c6ec6740557e https://www.twcert.org.tw/tw/cp-132-4404-3f498-1.html
The HR Portal of Soar Cloud System fails to manage access control. While obtaining user ID, remote attackers can access sensitive data via a specific data packet, such as user’s login information, further causing...
Any git operation is passed through Jetty and a session is created. No expiry is set for the session and Jetty does not automatically dispose of the session. Over multiple git actions, this can...
Crash in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file. Date published : 2021-02-17 https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22174.json https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYXLKQJ3D632XSG6VO7M4YFDAG6GRCLY/
Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file. Date published : 2021-02-17 https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22173.json https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYXLKQJ3D632XSG6VO7M4YFDAG6GRCLY/
Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for...