Shielder - Advisory

types Archives

Advisory

23/12/2020

[Advisory]

Infinite WP < 2.15.7 userLoginResetPassword Unauthenticated Account Takeover and Remote Code Execution

CVE-2020-28642: A vulnerability in InfiniteWP allows unauthenticated users to log-in if they know an email address of one of the users in the system, this is done through a flaw in the password reset mechanism of the product. An additional vulnerability allows the attacker to achieve Remote Code Execution.

02/11/2020

[Advisory]

ServiceStack <=5.9.1 JWT signature verification bypass

CVE-2020-28042: ServiceStack prior to version 5.9.2 is affected by a JWT signature verification bypass in the 'ServiceStack.Auth.JwtAuthProviderReader' method, which could be used to bypass the authentication mechanisms and/or to elevate privileges.

29/07/2020

[Advisory]

Bitwarden Server 1.35.1 Blind Server-Side Request Forgery (SSRF)

Bitwarden Server 1.35.1 is affected by a blind Server-Side Request Forgery (SSRF): an authenticated attacker can trigger arbitrary HTTP GET requests, even to locally exposed services, by adding a credential for a malicious domain.

28/07/2020

[Advisory]

Chadha PHPKB 9.0 Enterprise Edition arbitrary file disclosure

Chadha PHPKB 9.0 Enterprise Edition is affected by an arbitrary file disclosure: installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.

10/07/2020

[Advisory]

LibreNMS /about Authenticated Command Injection

LibreNMS 1.65 is affected by an authenticated command-injection vulnerability in the "/about" API endpoint. A "normal" privileges attacker can gain Remote Code Execution (RCE) on the LibreNMS host.

10/07/2020

[Advisory]

LibreNMS /graph.php Authenticated Command Injection

LibreNMS 1.65 is affected by an authenticated command-injection vulnerability via the HTTP GET "title" parameter in the "/graph.php" API endpoint. A "normal" privileges attacker can gain Remote Code Execution (RCE) on the LibreNMS host.

10/07/2020

[Advisory]

LibreNMS address authenticated SQL injection

LibreNMS 1.65 is affected by a SQL Injection vulnerability via the 'address' parameter in the '/ajax_table.php' API endpoint. A 'normal' privileges attacker can gain access to the database in use by LibreNMS.

10/07/2020

[Advisory]

LibreNMS searchPhrase multiple authenticated SQL injections

LibreNMS 1.65 is affected by multiple SQL Injection vulnerabilities via the 'searchPhrase' parameter in the '/ajax_table.php' API endpoint. A 'normal' privileges attacker can gain access to the database in use by LibreNMS.

10/07/2020

[Advisory]

LibreNMS sort multiple authenticated SQL injections

LibreNMS 1.65 is affected by multiple SQL Injection vulnerabilities via the `sort` parameter in the '/ajax_table.php' API endpoint. A 'normal' privileges attacker can gain access to the database in use by LibreNMS.

20/04/2020

[Advisory]

Horde Gollem Reflected Cross-Site Scripting (XSS)

Horde Gollem 3.0.12, as used in Horde Groupware Webmail Edition 5.2.22, is affected by a reflected Cross-Site Scripting (XSS) vulnerability via the HTTP GET dir parameter in the browser functionality. An attacker can obtain access to a victim’s webmail account by making them visit a malicious URL.

We use cookies to make sure you can have the best experience on our site. If you continue to use this site we will assume that you are happy with it.