In TrendNet TW100-S4W1CA 2.3.32, it is possible to inject arbitrary JavaScript into the router’s web interface via the "echo" command. Date published : 2021-06-17 https://github.com/Galapag0s/Trendnet_TW100-S4W1CA/blob/main/writeup_XSS.txt
In TrendNet TW100-S4W1CA 2.3.32, due to a lack of proper session controls, a threat actor could make unauthorized changes to an affected router via a specially crafted web page. If an authenticated user were...
An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/personal-pci.c in the Linux kernel through 5.12.11 because of the lack of a check for a value that shouldn’t be negative, e.g., access to element -2 of an...
Affected versions of Octopus Server are prone to an authenticated SQL injection vulnerability in the Events REST API because user supplied data in the API request isn’t parameterised correctly. Exploiting this vulnerability could allow...
Trend Micro InterScan Web Security Virtual Appliance version 6.5 was found to have a reflected cross-site scripting (XSS) vulnerability in the product’s Captive Portal. Date published : 2021-06-17 https://success.trendmicro.com/solution/000286452
IBM AIX 7.1 could allow a non-privileged local user to exploit a vulnerability in the trace facility to expose sensitive information or cause a denial of service. IBM X-Force ID: 200663. Date published :...
All versions of package lutils are vulnerable to Prototype Pollution via the main (merge) function. Date published : 2021-06-17 https://snyk.io/vuln/SNYK-JS-LUTILS-1311023
An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted network request can lead to an out-of-bounds read. Date published...
Improper permissions in the installer for the Intel(R) Brand Verification Tool before version 11.0.0.1225 may allow an authenticated user to potentially enable escalation of privilege via local access. Date published : 2021-06-17 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00546.html
In CiviCRM before 5.28.1 and CiviCRM ESR before 5.27.5 ESR, the CKEditor configuration form allows CSRF. Date published : 2021-06-17 https://civicrm.org/advisory/civi-sa-2020-11-csrf-ckeditor-configuration-form
In CiviCRM before 5.21.3 and 5.22.x through 5.24.x before 5.24.3, users may be able to upload and execute a crafted PHAR archive. Date published : 2021-06-17 https://civicrm.org/advisory/civi-sa-2020-03
In Fiyo CMS 2.0.6.1, the ‘tag’ parameter results in an unauthenticated XSS attack. Date published : 2021-06-17 http://loganclaw.com/2020/12/07/fiyo-cms-reflected-xss/
A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code. Date published : 2021-06-17 https://github.com/monstra-cms/monstra/issues/469
An authenticated Stored XSS (Cross-site Scripting) exists in the "captive.cgi" Captive Portal via the "Title of Login Page" text box or "TITLE" parameter in IPFire 2.21 (x86_64) – Core Update 130. It allows an...