CVE-2021-37439
NCH FlexiServer v6.00 suffers from a syslog?file=/.. path traversal vulnerability. Date published : 2021-07-25 https://github.com/0xfml/poc/blob/main/NCH/Flexiserver_6.00_LFI.md https://www.nchsoftware.com/flexi/index.html
firefly-iii is vulnerable to Improper Restriction of Excessive Authentication Attempts Date published : 2021-07-25 https://huntr.dev/bounties/497bdf6d-7dba-49c3-8011-1c64dfbb3380 https://github.com/firefly-iii/firefly-iii/commit/afc9f4b7ebc8a240c85864a6e1abda62bfeefae8
This affects the package jszip before 3.7.0. Crafting a new zip file with filenames set to Object prototype values (e.g __proto__, toString, etc) results in a returned object with a modified prototype instance. Date...
Amazon Echo Dot devices through 2021-07-02 sometimes allow attackers, who have physical access to a device after a factory reset, to obtain sensitive information via a series of complex hardware and software attacks. NOTE:...
Contour is a Kubernetes ingress controller using Envoy proxy. In Contour before version 1.17.1 a specially crafted ExternalName type Service may be used to access Envoy’s admin interface, which Contour normally prevents from access...
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are...
An issue in Jumpserver 2.6.2 and below allows attackers to create a connection token through an API which does not have access control and use it to access sensitive assets. Date published : 2021-07-23...
A stored cross site scripting (XSS) vulnerability in the /sys/attachment/uploaderServlet component of Landray EKP V12.0.9.R.20160325 allows attackers to execute arbitrary web scripts or HTML via a crafted SVG, SHTML, or MHT file. Date published...
Cross Site Scripting (XSS) vulnerability in admin/files/edit in Omeka Classic
UCMS 1.5.0 was discovered to contain a physical path leakage via an error message returned by the adminchannelscache() function in top.php. Date published : 2021-07-23 https://github.com/Gingsguard/ucms/blob/main/UCMS%20v.1.5.0%20Information%20leakage.md
A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows attackers to execute arbitrary code via a crafted ZIP file. Date published : 2021-07-23 https://github.com/bludit/bludit/issues/1298
Multiple stored cross site scripting (XSS) vulnerabilities in the "Update Profile" module of Online Doctor Appointment System 1.0 allow authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads in the First...
Multiple stored cross site scripting (XSS) vulnerabilities in the "Register" module of House Rental and Property Listing 1.0 allow authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads in all text...
Arbitrary file upload vulnerability in SourceCodester Travel Management System v 1.0 allows attackers to execute arbitrary code via the file upload to updatepackage.php. Date published : 2021-07-23 https://github.com/BigTiger2020/Travel-Management-System/blob/main/Travel%20Management%20System.md