CVE-2022-23347
BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks. Date published : 2022-03-21 Home https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23347
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control issues. Date published : 2022-03-21 Home https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23346
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control. Date published : 2022-03-21 Home https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23345
The IBM Spectrum Protect 8.1.14.000 server could allow a remote attacker to bypass security restrictions, caused by improper enforcement of access controls. By signing in, an attacker could exploit this vulnerability to bypass security...
Segmentation Fault caused by MP4Box -lsr in GitHub repository gpac/gpac prior to 2.1.0-DEV. Date published : 2022-03-21 https://huntr.dev/bounties/851942a4-1d64-4553-8fdc-9fccd167864b https://github.com/gpac/gpac/commit/3718d583c6ade191dc7979c64f48c001ca6f0243
Accounted time is shown in the Ticket Detail View (External Interface), even if ExternalFrontend::TicketDetailView###AccountedTimeDisplay is disabled. Date published : 2022-03-21 https://otrs.com/release-notes/otrs-security-advisory-2022-06/
The Simple Link Directory WordPress plugin before 7.7.2 does not validate and escape the post_id parameter before using it in a SQL statement via the qcopd_upvote_action AJAX action (available to unauthenticated and authenticated users),...
The Infographic Maker WordPress plugin before 4.3.8 does not validate and escape the post_id parameter before using it in a SQL statement via the qcld_upvote_action AJAX action (available to unauthenticated and authenticated users), leading...
The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user supplied POST data before it is used in a dynamically constructed SQL query via the bookingpress_front_get_category_services AJAX action (available to unauthenticated users), leading...
The Advanced Booking Calendar WordPress plugin before 1.7.0 does not validate and escape the calendar parameter before using it in a SQL statement via the abc_booking_getSingleCalendar AJAX action (available to both unauthenticated and authenticated...
The Amelia WordPress plugin before 1.0.47 stores image blobs into actual files whose extension is controlled by the user, which may lead to PHP backdoors being uploaded onto the site. This vulnerability can be...
The Simple Membership WordPress plugin before 4.1.0 does not have CSRF check in place when deleting Transactions, which could allow attackers to make a logged in admin delete arbitrary transactions via a CSRF attack...
Confd log files contain local users’, including root’s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version...
The Pricing Table Builder WordPress plugin before 1.1.5 does not sanitize and escape the postid parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting. Date published : 2022-03-21...