Shielder - Advisory

types Archives

Advisory

02/11/2020

ServiceStack <=5.9.1 JWT signature verification bypass

CVE-2020-28042: ServiceStack prior to version 5.9.2 is affected by a JWT signature verification bypass in the 'ServiceStack.Auth.JwtAuthProviderReader' method, which could be used to bypass the authentication mechanisms and/or to elevate privileges.

Advisory

29/07/2020

Advisory

Bitwarden Server 1.35.1 Blind Server-Side Request Forgery (SSRF)

Bitwarden Server 1.35.1 is affected by a blind Server-Side Request Forgery (SSRF): an authenticated attacker can trigger arbitrary HTTP GET requests, even to locally exposed services, by adding a credential for a malicious domain.

Advisory

28/07/2020

Advisory

Chadha PHPKB 9.0 Enterprise Edition arbitrary file disclosure

Chadha PHPKB 9.0 Enterprise Edition is affected by an arbitrary file disclosure: installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.

Advisory

10/07/2020

Advisory

LibreNMS /about Authenticated Command Injection

LibreNMS 1.65 is affected by an authenticated command-injection vulnerability in the "/about" API endpoint. A "normal" privileges attacker can gain Remote Code Execution (RCE) on the LibreNMS host.

Advisory

10/07/2020

Advisory

LibreNMS /graph.php Authenticated Command Injection

LibreNMS 1.65 is affected by an authenticated command-injection vulnerability via the HTTP GET "title" parameter in the "/graph.php" API endpoint. A "normal" privileges attacker can gain Remote Code Execution (RCE) on the LibreNMS host.

Advisory

10/07/2020

Advisory

LibreNMS address authenticated SQL injection

LibreNMS 1.65 is affected by a SQL Injection vulnerability via the 'address' parameter in the '/ajax_table.php' API endpoint. A 'normal' privileges attacker can gain access to the database in use by LibreNMS.

Advisory

10/07/2020

Advisory

LibreNMS searchPhrase multiple authenticated SQL injections

LibreNMS 1.65 is affected by multiple SQL Injection vulnerabilities via the 'searchPhrase' parameter in the '/ajax_table.php' API endpoint. A 'normal' privileges attacker can gain access to the database in use by LibreNMS.

Advisory

10/07/2020

Advisory

LibreNMS sort multiple authenticated SQL injections

LibreNMS 1.65 is affected by multiple SQL Injection vulnerabilities via the `sort` parameter in the '/ajax_table.php' API endpoint. A 'normal' privileges attacker can gain access to the database in use by LibreNMS.

Advisory

20/04/2020

Advisory

Horde Gollem Reflected Cross-Site Scripting (XSS)

Horde Gollem 3.0.12, as used in Horde Groupware Webmail Edition 5.2.22, is affected by a reflected Cross-Site Scripting (XSS) vulnerability via the HTTP GET dir parameter in the browser functionality. An attacker can obtain access to a victim’s webmail account by making them visit a malicious URL.

Advisory

20/04/2020

Advisory

Horde Groupware Webmail Stored Cross-Site Scripting (XSS) via SVG

The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload. An attacker can obtain access to a victim's webmail account by making them visit a malicious URL.