Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext ‘attacker@example.comntrole = "#admin"’ value. Date published : 2022-05-21 https://github.com/gitblit/gitblit/issues/1410...
Solana solana_rbpf before 0.2.29 has an addition integer overflow via invalid ELF program headers. elf.rs has a panic via a malformed eBPF program. Date published : 2022-05-21 https://github.com/Ainevsia/CVE-Request/tree/main/Solana/1 https://github.com/solana-labs/rbpf/releases/tag/v0.2.29
The route lookup process in beego through 1.12.4 and 2.x through 2.0.2 allows attackers to bypass access control. When a /p1/p2/:name route is configured, attackers can access it by appending .xml in various places...
Access of Uninitialized Pointer in GitHub repository radareorg/radare2 prior to 5.7.0. Date published : 2022-05-21 https://huntr.dev/bounties/0730a95e-c485-4ff2-9a5d-bb3abfda0b17 https://github.com/radareorg/radare2/commit/919e3ac1a13f753c73e7a8e8d8bb4a143218732d
Pix-Link MiNi Router 28K.MiniRouter.20190211 was discovered to contain a stored cross-site scripting (XSS) vulnerability due to an unsanitized Security Key parameter. Date published : 2022-05-20 http://www.pix-link.com/page50?product_id=144 https://blog-ssh3ll.medium.com/acexy-wireless-n-wifi-repeater-vulnerabilities-8bd5d14a2990
Pix-Link MiNi Router 28K.MiniRouter.20190211 was discovered to contain a stored cross-site scripting (XSS) vulnerability due to an unsanitized SSID parameter. Date published : 2022-05-20 http://www.pix-link.com/page50?product_id=144 https://blog-ssh3ll.medium.com/acexy-wireless-n-wifi-repeater-vulnerabilities-8bd5d14a2990
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...
Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in ibericode’s MC4WP plugin
SOOTEWAY Wi-Fi Range Extender v1.5 was discovered to use default credentials (the admin password for the admin account) to access the TELNET service, allowing attackers to erase/read/write the firmware remotely. Date published : 2022-05-20...
In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can escalate to root by editing an OMD hook symlink. Date published : 2022-05-20 https://checkmk.com/werk/13902 https://forum.checkmk.com/c/announcements/18
mailcow before 2022-05d allows a remote authenticated user to inject OS commands and escalate privileges to domain admin via the –debug option in conjunction with the —PIPEMESS option in Sync Jobs. Date published :...
In certain Goverlan products, the Windows Firewall is temporarily turned off upon a Goverlan agent update operation. This allows remote attackers to bypass firewall blocking rules for a time period of up to 30...
Pharmacy Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /php_action/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file. Date published :...
School Dormitory Management System v1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /dms/admin/reports/daily_collection_report.php. Date published : 2022-05-20 https://packetstormsecurity.com/files/167001/School-Dormitory-Management-System-1.0-SQL-Injection.html