Dernières vulnérabilités du Jeudi 17 Août 2023

Dernières vulnérabilités du Jeudi 17 Août 2023
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/VULNERABILITIES-REPORTS-LOGO.png
{{titre}}

Dernière mise à jour efféctuée le 17/08/2023 à 23:58:03

(2) Vulnérabilité(s) CRITICAL [9.0, 10.0]

Source : github.com

Vulnérabilité ID : CVE-2023-37914

Première publication le : 17-08-2023 18:15:14
Dernière modification le : 17-08-2023 18:54:21

Description :
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user who can view `Invitation.WebHome` can execute arbitrary script macros including Groovy and Python macros that allow remote code execution including unrestricted read and write access to all wiki contents. This vulnerability has been patched on XWiki 14.4.8, 15.2-rc-1, and 14.10.6. Users are advised to upgrade. Users unable to upgrade may manually apply the patch on `Invitation.InvitationCommon` and `Invitation.InvitationConfig`, but there are otherwise no known workarounds for this vulnerability.

CVE ID : CVE-2023-37914
Source : security-advisories@github.com
Score CVSS : 9.9

Références :
https://github.com/xwiki/xwiki-platform/commit/ff1d8a1790c6ee534c6a4478360a06efeb2d3591 | source : security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-7954-6m9q-gpvf | source : security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20421 | source : security-advisories@github.com

Vulnérabilité : CWE-94


Source : rockwellautomation.com

Vulnérabilité ID : CVE-2023-2917

Première publication le : 17-08-2023 16:15:09
Dernière modification le : 17-08-2023 16:20:42

Description :
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability. Due to an improper input validation, a path traversal vulnerability exists, via the filename field, when the ThinManager processes a certain function. If exploited, an unauthenticated remote attacker can upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and potentially gain remote code execution abilities.

CVE ID : CVE-2023-2917
Source : PSIRT@rockwellautomation.com
Score CVSS : 9.8

Références :
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471 | source : PSIRT@rockwellautomation.com

Vulnérabilité : CWE-20


(28) Vulnérabilité(s) HIGH [7.0, 8.9]

Source : moxa.com

Vulnérabilité ID : CVE-2023-33237

Première publication le : 17-08-2023 02:15:41
Dernière modification le : 17-08-2023 12:53:44

Description :
TN-5900 Series firmware version v3.3 and prior is vulnerable to improper-authentication vulnerability. This vulnerability arises from inadequate authentication measures implemented in the web API handler, allowing low-privileged APIs to execute restricted actions that only high-privileged APIs are allowed This presents a potential risk of unauthorized exploitation by malicious actors.

CVE ID : CVE-2023-33237
Source : psirt@moxa.com
Score CVSS : 8.8

Références :
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230402-tn-5900-and-tn-4900-series-web-server-multiple-vulnerabilities | source : psirt@moxa.com

Vulnérabilité : CWE-287


Vulnérabilité ID : CVE-2023-33239

Première publication le : 17-08-2023 03:15:09
Dernière modification le : 17-08-2023 12:53:44

Description :
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from insufficient input validation in the key-generation function, which could potentially allow malicious users to execute remote code on affected devices.

CVE ID : CVE-2023-33239
Source : psirt@moxa.com
Score CVSS : 8.8

Références :
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230402-tn-5900-and-tn-4900-series-web-server-multiple-vulnerabilities | source : psirt@moxa.com

Vulnérabilité : CWE-77


Vulnérabilité ID : CVE-2023-34213

Première publication le : 17-08-2023 03:15:09
Dernière modification le : 17-08-2023 12:53:44

Description :
TN-5900 Series firmware versions v3.3 and prior are vulnerable to command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the key-generation function, which could potentially allow malicious users to execute remote code on affected devices.

CVE ID : CVE-2023-34213
Source : psirt@moxa.com
Score CVSS : 8.8

Références :
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230402-tn-5900-and-tn-4900-series-web-server-multiple-vulnerabilities | source : psirt@moxa.com

Vulnérabilité : CWE-77


Vulnérabilité ID : CVE-2023-34216

Première publication le : 17-08-2023 07:15:43
Dernière modification le : 17-08-2023 12:53:44

Description :
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability derives from insufficient input validation in the key-delete function, which could potentially allow malicious users to delete arbitrary files.

CVE ID : CVE-2023-34216
Source : psirt@moxa.com
Score CVSS : 8.1

Références :
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230402-tn-5900-and-tn-4900-series-web-server-multiple-vulnerabilities | source : psirt@moxa.com

Vulnérabilité : CWE-22


Vulnérabilité ID : CVE-2023-34217

Première publication le : 17-08-2023 07:15:43
Dernière modification le : 17-08-2023 12:53:44

Description :
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation in the certificate-delete function, which could potentially allow malicious users to delete arbitrary files.

CVE ID : CVE-2023-34217
Source : psirt@moxa.com
Score CVSS : 8.1

Références :
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230402-tn-5900-and-tn-4900-series-web-server-multiple-vulnerabilities | source : psirt@moxa.com

Vulnérabilité : CWE-22


Vulnérabilité ID : CVE-2023-33238

Première publication le : 17-08-2023 03:15:09
Dernière modification le : 17-08-2023 12:53:44

Description :
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command injection vulnerability. This vulnerability stems from inadequate input validation in the certificate management function, which could potentially allow malicious users to execute remote code on affected devices.

CVE ID : CVE-2023-33238
Source : psirt@moxa.com
Score CVSS : 7.2

Références :
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230402-tn-5900-and-tn-4900-series-web-server-multiple-vulnerabilities | source : psirt@moxa.com

Vulnérabilité : CWE-77


Vulnérabilité ID : CVE-2023-34214

Première publication le : 17-08-2023 03:15:09
Dernière modification le : 17-08-2023 12:53:44

Description :
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation in the certificate-generation function, which could potentially allow malicious users to execute remote code on affected devices.

CVE ID : CVE-2023-34214
Source : psirt@moxa.com
Score CVSS : 7.2

Références :
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230402-tn-5900-and-tn-4900-series-web-server-multiple-vulnerabilities | source : psirt@moxa.com

Vulnérabilité : CWE-77


Vulnérabilité ID : CVE-2023-34215

Première publication le : 17-08-2023 07:15:42
Dernière modification le : 17-08-2023 12:53:44

Description :
TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection vulnerability. This vulnerability stems from insufficient input validation and improper authentication in the certification-generation function, which could potentially allow malicious users to execute remote code on affected devices.

CVE ID : CVE-2023-34215
Source : psirt@moxa.com
Score CVSS : 7.2

Références :
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230402-tn-5900-and-tn-4900-series-web-server-multiple-vulnerabilities | source : psirt@moxa.com

Vulnérabilité : CWE-77


Source : asustor.com

Vulnérabilité ID : CVE-2023-2910

Première publication le : 17-08-2023 10:15:10
Dernière modification le : 17-08-2023 12:53:44

Description :
Improper neutralization of special elements used in a command ('Command Injection') vulnerability in Printer service functionality in ASUSTOR Data Master (ADM) allows remote unauthorized users to execute arbitrary commands via unspecified vectors. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below.

CVE ID : CVE-2023-2910
Source : security@asustor.com
Score CVSS : 8.8

Références :
https://www.asustor.com/security/security_advisory_detail?id=27 | source : security@asustor.com

Vulnérabilité : CWE-77


Vulnérabilité ID : CVE-2023-3697

Première publication le : 17-08-2023 10:15:10
Dernière modification le : 17-08-2023 12:53:44

Description :
Printer service fails to adequately handle user input, allowing an remote unauthorized users to navigate beyond the intended directory structure and create files. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below.

CVE ID : CVE-2023-3697
Source : security@asustor.com
Score CVSS : 8.5

Références :
https://www.asustor.com/security/security_advisory_detail?id=28 | source : security@asustor.com

Vulnérabilité : CWE-22


Vulnérabilité ID : CVE-2023-3698

Première publication le : 17-08-2023 10:15:10
Dernière modification le : 17-08-2023 12:53:44

Description :
Printer service fails to adequately handle user input, allowing an remote unauthorized users to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below.

CVE ID : CVE-2023-3698
Source : security@asustor.com
Score CVSS : 8.5

Références :
https://www.asustor.com/security/security_advisory_detail?id=28 | source : security@asustor.com

Vulnérabilité : CWE-22


Source : lenovo.com

Vulnérabilité ID : CVE-2023-4030

Première publication le : 17-08-2023 17:15:10
Dernière modification le : 17-08-2023 18:54:21

Description :
A vulnerability was reported in BIOS for ThinkPad P14s Gen 2, P15s Gen 2, T14 Gen 2, and T15 Gen 2 that could cause the system to recover to insecure settings if the BIOS becomes corrupt.

CVE ID : CVE-2023-4030
Source : psirt@lenovo.com
Score CVSS : 8.4

Références :
https://support.lenovo.com/us/en/product_security/LEN-134879 | source : psirt@lenovo.com

Vulnérabilité : CWE-636


Vulnérabilité ID : CVE-2023-3078

Première publication le : 17-08-2023 17:15:10
Dernière modification le : 17-08-2023 18:54:21

Description :
An uncontrolled search path vulnerability was reported in the Lenovo Universal Device Client (UDC) that could allow an attacker with local access to execute code with elevated privileges.

CVE ID : CVE-2023-3078
Source : psirt@lenovo.com
Score CVSS : 7.8

Références :
https://support.lenovo.com/us/en/product_security/LEN-121183 | source : psirt@lenovo.com

Vulnérabilité : CWE-427


Source : cert.vde.com

Vulnérabilité ID : CVE-2023-34412

Première publication le : 17-08-2023 14:15:09
Dernière modification le : 17-08-2023 16:20:42

Description :
A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an authenticated remote attacker to store an arbitrary JavaScript payload on the diagnosis page of the device. That page is loaded immediately after login in to the device and runs the stored payload, allowing the attacker to read and write browser data and reduce system performance.

CVE ID : CVE-2023-34412
Source : info@cert.vde.com
Score CVSS : 8.3

Références :
https://cert.vde.com/en/advisories/VDE-2023-012/ | source : info@cert.vde.com
https://cert.vde.com/en/advisories/VDE-2023-029/ | source : info@cert.vde.com

Vulnérabilité : CWE-79


Source : huntr.dev

Vulnérabilité ID : CVE-2023-4395

Première publication le : 17-08-2023 04:15:10
Dernière modification le : 17-08-2023 12:53:44

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.4.

CVE ID : CVE-2023-4395
Source : security@huntr.dev
Score CVSS : 8.1

Références :
https://github.com/cockpit-hq/cockpit/commit/36d1d4d256cbbab028342ba10cc493e5c119172c | source : security@huntr.dev
https://huntr.dev/bounties/60e38563-7ac8-4a13-ac04-2980cc48b0da | source : security@huntr.dev

Vulnérabilité : CWE-79


Source : krcert.or.kr

Vulnérabilité ID : CVE-2023-40252

Première publication le : 17-08-2023 07:15:43
Dernière modification le : 17-08-2023 12:53:44

Description :
Improper Control of Generation of Code ('Code Injection') vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Replace Trusted Executable.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.

CVE ID : CVE-2023-40252
Source : vuln@krcert.or.kr
Score CVSS : 7.7

Références :
https://www.genians.co.kr/notice/2023 | source : vuln@krcert.or.kr

Vulnérabilité : CWE-94


Source : rockwellautomation.com

Vulnérabilité ID : CVE-2023-2914

Première publication le : 17-08-2023 16:15:09
Dernière modification le : 17-08-2023 16:20:42

Description :
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, an integer overflow condition exists in the affected products. When the ThinManager processes incoming messages, a read access violation occurs and terminates the process. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and causing a denial of service condition in the software.

CVE ID : CVE-2023-2914
Source : PSIRT@rockwellautomation.com
Score CVSS : 7.5

Références :
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471 | source : PSIRT@rockwellautomation.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-2915

Première publication le : 17-08-2023 16:15:09
Dernière modification le : 17-08-2023 16:20:42

Description :
The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. If exploited, an unauthenticated remote threat actor can delete arbitrary files with system privileges. A malicious user could exploit this vulnerability by sending a specifically crafted synchronization protocol message resulting in a denial-of-service condition.

CVE ID : CVE-2023-2915
Source : PSIRT@rockwellautomation.com
Score CVSS : 7.5

Références :
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471 | source : PSIRT@rockwellautomation.com

Vulnérabilité : CWE-20


Source : github.com

Vulnérabilité ID : CVE-2023-40165

Première publication le : 17-08-2023 18:15:17
Dernière modification le : 17-08-2023 18:54:21

Description :
rubygems.org is the Ruby community's primary gem (library) hosting service. Insufficient input validation allowed malicious actors to replace any uploaded gem version that had a platform, version number, or gem name matching `/-\d/`, permanently replacing the legitimate upload in the canonical gem storage bucket, and triggering an immediate CDN purge so that the malicious gem would be served immediately. The maintainers have checked all gems matching the `/-\d/` pattern and can confirm that no unexpected `.gem`s were found. As a result, we believe this vulnerability was _not_ exploited. The easiest way to ensure that a user's applications were not exploited by this vulnerability is to check that all of your downloaded .gems have a checksum that matches the checksum recorded in the RubyGems.org database. RubyGems contributor Maciej Mensfeld wrote a tool to automatically check that all downloaded .gem files match the checksums recorded in the RubyGems.org database. You can use it by running: `bundle add bundler-integrity` followed by `bundle exec bundler-integrity`. Neither this tool nor anything else can prove you were not exploited, but the can assist your investigation by quickly comparing RubyGems API-provided checksums with the checksums of files on your disk. The issue has been patched with improved input validation and the changes are live. No action is required on the part of the user. Users are advised to validate their local gems.

CVE ID : CVE-2023-40165
Source : security-advisories@github.com
Score CVSS : 7.4

Références :
https://github.com/rubygems/rubygems.org/commit/7e19c19247ddf5885a915710afc60ec6663d8502 | source : security-advisories@github.com
https://github.com/rubygems/rubygems.org/security/advisories/GHSA-rxcq-2m4f-94wm | source : security-advisories@github.com

Vulnérabilité : CWE-20


Vulnérabilité ID : CVE-2023-40168

Première publication le : 17-08-2023 20:15:11
Dernière modification le : 17-08-2023 20:15:11

Description :
TurboWarp is a desktop application that compiles scratch projects to JavaScript. TurboWarp Desktop versions prior to version 1.8.0 allowed a malicious project or custom extension to read arbitrary files from disk and upload them to a remote server. The only required user interaction is opening the sb3 file or loading the extension. The web version of TurboWarp is not affected. This bug has been addressed in commit `55e07e99b59` after an initial fix which was reverted. Users are advised to upgrade to version 1.8.0 or later. Users unable to upgrade should avoid opening sb3 files or loading extensions from untrusted sources.

CVE ID : CVE-2023-40168
Source : security-advisories@github.com
Score CVSS : 7.4

Références :
https://github.com/TurboWarp/desktop/commit/55e07e99b59db334d75e8f46792a1569ab0884a6 | source : security-advisories@github.com
https://github.com/TurboWarp/desktop/commit/a62dbd7a28b41857e3b6f32443fda0527d493267 | source : security-advisories@github.com
https://github.com/TurboWarp/desktop/commit/f0f82aaf6cc8170e9da8b36953c98bfe533c019f | source : security-advisories@github.com
https://github.com/TurboWarp/desktop/security/advisories/GHSA-wg4p-vj7h-q82q | source : security-advisories@github.com

Vulnérabilité : CWE-863


Source : patchstack.com

Vulnérabilité ID : CVE-2023-30877

Première publication le : 17-08-2023 09:15:12
Dernière modification le : 17-08-2023 12:53:44

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Maxim Glazunov XML for Google Merchant Center plugin <= 3.0.1 versions.

CVE ID : CVE-2023-30877
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/xml-for-google-merchant-center/wordpress-xml-for-google-merchant-center-plugin-3-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-31071

Première publication le : 17-08-2023 09:15:12
Dernière modification le : 17-08-2023 12:53:44

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Yannick Lefebvre Modal Dialog plugin <= 3.5.14 versions.

CVE ID : CVE-2023-31071
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/modal-dialog/wordpress-modal-dialog-plugin-3-5-14-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-31076

Première publication le : 17-08-2023 09:15:12
Dernière modification le : 17-08-2023 12:53:44

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin <= 8.0.6 versions.

CVE ID : CVE-2023-31076
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/zip-recipes/wordpress-recipe-maker-for-your-food-blog-from-zip-recipes-plugin-8-0-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-26530

Première publication le : 17-08-2023 11:15:21
Dernière modification le : 17-08-2023 12:53:44

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Paul Kehrer Updraft plugin <= 0.6.1 versions.

CVE ID : CVE-2023-26530
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/updraft/wordpress-updraft-plugin-0-6-1-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-31074

Première publication le : 17-08-2023 11:15:23
Dernière modification le : 17-08-2023 12:53:44

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in hupe13 Extensions for Leaflet Map plugin <= 3.4.1 versions.

CVE ID : CVE-2023-31074
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/extensions-leaflet-map/wordpress-extensions-for-leaflet-map-plugin-3-4-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-28693

Première publication le : 17-08-2023 15:15:09
Dernière modification le : 17-08-2023 16:20:42

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Balasaheb Bhise Advanced Youtube Channel Pagination plugin <= 1.0 version.

CVE ID : CVE-2023-28693
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/advanced-youtube-channel-pagination/wordpress-advanced-youtube-channel-pagination-plugin-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-31072

Première publication le : 17-08-2023 15:15:09
Dernière modification le : 17-08-2023 16:20:42

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Praveen Goswami Advanced Category Template plugin <= 0.1 versions.

CVE ID : CVE-2023-31072
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/advanced-category-template/wordpress-advanced-category-template-plugin-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Source : opennms.com

Vulnérabilité ID : CVE-2023-40313

Première publication le : 17-08-2023 19:15:13
Dernière modification le : 17-08-2023 19:15:13

Description :
A BeanShell interpreter in remote server mode runs in OpenMNS Horizon versions earlier than 32.0.2 and in related Meridian versions which could allow arbitrary remote Java code execution. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet.

CVE ID : CVE-2023-40313
Source : security@opennms.com
Score CVSS : 7.1

Références :
https://docs.opennms.com/horizon/32/releasenotes/changelog.html | source : security@opennms.com
https://github.com/OpenNMS/opennms/pull/6368 | source : security@opennms.com


(20) Vulnérabilité(s) MEDIUM [4.0, 6.9]

Source : redhat.com

Vulnérabilité ID : CVE-2023-4394

Première publication le : 17-08-2023 13:15:11
Dernière modification le : 17-08-2023 16:20:42

Description :
A use-after-free flaw was found in btrfs_get_dev_args_from_path in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a system crash or leak internal kernel information

CVE ID : CVE-2023-4394
Source : secalert@redhat.com
Score CVSS : 6.7

Références :
https://access.redhat.com/security/cve/CVE-2023-4394 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2219263 | source : secalert@redhat.com
https://patchwork.kernel.org/project/linux-btrfs/patch/20220815151606.3479183-1-r33s3n6@gmail.com/ | source : secalert@redhat.com


Source : lenovo.com

Vulnérabilité ID : CVE-2023-34419

Première publication le : 17-08-2023 17:15:09
Dernière modification le : 17-08-2023 18:54:21

Description :
A buffer overflow has been identified in the SetupUtility driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code.

CVE ID : CVE-2023-34419
Source : psirt@lenovo.com
Score CVSS : 6.7

Références :
https://support.lenovo.com/us/en/product_security/LEN-134879 | source : psirt@lenovo.com

Vulnérabilité : CWE-120


Vulnérabilité ID : CVE-2023-4028

Première publication le : 17-08-2023 17:15:10
Dernière modification le : 17-08-2023 18:54:21

Description :
A buffer overflow has been identified in the SystemUserMasterHddPwdDxe driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code.

CVE ID : CVE-2023-4028
Source : psirt@lenovo.com
Score CVSS : 6.7

Références :
https://support.lenovo.com/us/en/product_security/LEN-134879 | source : psirt@lenovo.com

Vulnérabilité : CWE-120


Vulnérabilité ID : CVE-2023-4029

Première publication le : 17-08-2023 17:15:10
Dernière modification le : 17-08-2023 18:54:21

Description :
A buffer overflow has been identified in the BoardUpdateAcpiDxe driver in some Lenovo ThinkPad products which may allow an attacker with local access and elevated privileges to execute arbitrary code.

CVE ID : CVE-2023-4029
Source : psirt@lenovo.com
Score CVSS : 6.7

Références :
https://support.lenovo.com/us/en/product_security/LEN-134879 | source : psirt@lenovo.com

Vulnérabilité : CWE-120


Source : patchstack.com

Vulnérabilité ID : CVE-2023-31079

Première publication le : 17-08-2023 15:15:09
Dernière modification le : 17-08-2023 16:20:42

Description :
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Chris Roberts Tippy plugin <= 6.2.1 versions.

CVE ID : CVE-2023-31079
Source : audit@patchstack.com
Score CVSS : 6.5

Références :
https://patchstack.com/database/vulnerability/tippy/wordpress-tippy-plugin-6-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-28533

Première publication le : 17-08-2023 09:15:10
Dernière modification le : 17-08-2023 12:53:44

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in M Williams Cab Grid plugin <= 1.5.15 versions.

CVE ID : CVE-2023-28533
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/cab-grid/wordpress-cab-grid-plugin-1-5-15-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-28622

Première publication le : 17-08-2023 09:15:11
Dernière modification le : 17-08-2023 12:53:44

Description :
Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in Trident Technolabs Easy Slider Revolution plugin <= 1.0.0 versions.

CVE ID : CVE-2023-28622
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/easy-slider-revolution/wordpress-easy-slider-revolution-plugin-1-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-30874

Première publication le : 17-08-2023 09:15:11
Dernière modification le : 17-08-2023 12:53:44

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Steve Curtis, St. Pete Design Gps Plotter plugin <= 5.1.4 versions.

CVE ID : CVE-2023-30874
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/gps-plotter/wordpress-gps-plotter-plugin-5-1-4-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-30876

Première publication le : 17-08-2023 09:15:12
Dernière modification le : 17-08-2023 12:53:44

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Dave Ross Dave's WordPress Live Search plugin <= 4.8.1 versions.

CVE ID : CVE-2023-30876
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/daves-wordpress-live-search/wordpress-dave-s-wordpress-live-search-plugin-4-8-1-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-31091

Première publication le : 17-08-2023 11:15:23
Dernière modification le : 17-08-2023 12:53:44

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pradeep Singh Dynamically Register Sidebars plugin <= 1.0.1 versions.

CVE ID : CVE-2023-31091
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/dynamically-register-sidebars/wordpress-dynamically-register-sidebars-plugin-1-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-28783

Première publication le : 17-08-2023 15:15:09
Dernière modification le : 17-08-2023 16:20:42

Description :
Auth. (shop manager+) Stored Cross-Site Scripting (XSS) vulnerability in PHPRADAR Woocommerce Tip/Donation plugin <= 1.2 versions.

CVE ID : CVE-2023-28783
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/woo-tipdonation/wordpress-woocommerce-tip-donation-plugin-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Source : fortinet.com

Vulnérabilité ID : CVE-2023-29182

Première publication le : 17-08-2023 10:15:09
Dernière modification le : 17-08-2023 12:53:44

Description :
A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections.

CVE ID : CVE-2023-29182
Source : psirt@fortinet.com
Score CVSS : 6.4

Références :
https://fortiguard.com/psirt/FG-IR-23-149 | source : psirt@fortinet.com


Source : wordfence.com

Vulnérabilité ID : CVE-2023-3244

Première publication le : 17-08-2023 07:15:43
Dernière modification le : 17-08-2023 12:53:44

Description :
The Comments Like Dislike plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the restore_settings function called via an AJAX action in versions up to, and including, 1.1.9. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to reset the plugin's settings. NOTE: After attempting to contact the developer with no response, and reporting this to the WordPress plugin's team 30 days ago we are disclosing this issue as it still is not updated.

CVE ID : CVE-2023-3244
Source : security@wordfence.com
Score CVSS : 5.3

Références :
https://plugins.trac.wordpress.org/browser/comments-like-dislike/trunk/inc/classes/cld-admin.php#L99 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/66019297-a8a8-4bbc-99db-4b47066f3e50?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-862


Source : juniper.net

Vulnérabilité ID : CVE-2023-36844

Première publication le : 17-08-2023 20:15:10
Dernière modification le : 17-08-2023 20:15:10

Description :
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environments variables. Utilizing a crafted request an attacker is able to modify certain PHP environments variables leading to partial loss of integrity, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on EX Series: * All versions prior to 20.4R3-S9; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R3-S1; * 22.4 versions prior to 22.4R2-S2, 22.4R3.

CVE ID : CVE-2023-36844
Source : sirt@juniper.net
Score CVSS : 5.3

Références :
https://supportportal.juniper.net/JSA72300 | source : sirt@juniper.net

Vulnérabilité : CWE-473


Vulnérabilité ID : CVE-2023-36845

Première publication le : 17-08-2023 20:15:10
Dernière modification le : 17-08-2023 20:15:10

Description :
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to control certain, important environments variables. Utilizing a crafted request an attacker is able to modify a certain PHP environment variable leading to partial loss of integrity, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on SRX Series: * All versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3-S1; * 22.4 versions prior to 22.4R2-S1, 22.4R3; * 23.2 versions prior to 23.2R1-S1, 23.2R2.

CVE ID : CVE-2023-36845
Source : sirt@juniper.net
Score CVSS : 5.3

Références :
https://supportportal.juniper.net/JSA72300 | source : sirt@juniper.net

Vulnérabilité : CWE-473


Vulnérabilité ID : CVE-2023-36846

Première publication le : 17-08-2023 20:15:10
Dernière modification le : 17-08-2023 20:15:10

Description :
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request that doesn't require authentication an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on SRX Series: * All versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2-S1, 22.4R3.

CVE ID : CVE-2023-36846
Source : sirt@juniper.net
Score CVSS : 5.3

Références :
https://supportportal.juniper.net/JSA72300 | source : sirt@juniper.net

Vulnérabilité : CWE-306


Vulnérabilité ID : CVE-2023-36847

Première publication le : 17-08-2023 20:15:10
Dernière modification le : 17-08-2023 20:15:10

Description :
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request that doesn't require authentication an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on EX Series: * All versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S1; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2-S1, 22.4R3.

CVE ID : CVE-2023-36847
Source : sirt@juniper.net
Score CVSS : 5.3

Références :
https://supportportal.juniper.net/JSA72300 | source : sirt@juniper.net

Vulnérabilité : CWE-306


Source : opennms.com

Vulnérabilité ID : CVE-2023-40315

Première publication le : 17-08-2023 20:15:11
Dernière modification le : 17-08-2023 20:15:11

Description :
In OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 and related Meridian versions, any user that has the ROLE_FILESYSTEM_EDITOR can easily escalate their privileges to ROLE_ADMIN or any other role. The solution is to upgrade to Meridian 2023.1.5 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Erik Wynter for reporting this issue.

CVE ID : CVE-2023-40315
Source : security@opennms.com
Score CVSS : 5.3

Références :
https://docs.opennms.com/meridian/2023/releasenotes/changelog.html#releasenotes-changelog-Meridian-2023.1.5 | source : security@opennms.com
https://github.com/OpenNMS/opennms/pull/6250 | source : security@opennms.com


Source : krcert.or.kr

Vulnérabilité ID : CVE-2023-40251

Première publication le : 17-08-2023 07:15:43
Dernière modification le : 17-08-2023 12:53:44

Description :
Missing Encryption of Sensitive DataCAPEC- vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Man in the Middle Attack.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.

CVE ID : CVE-2023-40251
Source : vuln@krcert.or.kr
Score CVSS : 5.2

Références :
https://www.genians.co.kr/notice/2023 | source : vuln@krcert.or.kr

Vulnérabilité : CWE-311


Source : zte.com.cn

Vulnérabilité ID : CVE-2023-25647

Première publication le : 17-08-2023 03:15:09
Dernière modification le : 17-08-2023 12:53:44

Description :
There is a permission and access control vulnerability in some ZTE mobile phones. Due to improper access control, applications in mobile phone could monitor the touch event.

CVE ID : CVE-2023-25647
Source : psirt@zte.com.cn
Score CVSS : 4.7

Références :
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032264 | source : psirt@zte.com.cn

Vulnérabilité : CWE-269


(1) Vulnérabilité(s) LOW [0.1, 3.9]

Source : vuldb.com

Vulnérabilité ID : CVE-2023-4392

Première publication le : 17-08-2023 03:15:09
Dernière modification le : 17-08-2023 12:53:44

Description :
A vulnerability was found in Control iD Gerencia Web 1.30 and classified as problematic. Affected by this issue is some unknown functionality of the component Cookie Handler. The manipulation leads to cleartext storage of sensitive information. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237380. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4392
Source : cna@vuldb.com
Score CVSS : 3.7

Références :
https://l6x.notion.site/PoC-Improper-Authentication-efe05964ff604beeac15f693c1e01dd6?pvs=4 | source : cna@vuldb.com
https://vuldb.com/?ctiid.237380 | source : cna@vuldb.com
https://vuldb.com/?id.237380 | source : cna@vuldb.com

Vulnérabilité : CWE-312


(24) Vulnérabilité(s) NO SCORE [0.0, 0.0]

Source : jpcert.or.jp

Vulnérabilité ID : CVE-2023-40281

Première publication le : 17-08-2023 07:15:44
Dernière modification le : 17-08-2023 12:53:44

Description :
EC-CUBE 2.11.0 to 2.17.2-p1 contain a cross-site scripting vulnerability in "mail/template" and "products/product" of Management page. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the other administrator or the user who accessed the website using the product.

CVE ID : CVE-2023-40281
Source : vultures@jpcert.or.jp
Score CVSS : /

Références :
https://jvn.jp/en/jp/JVN46993816/ | source : vultures@jpcert.or.jp
https://www.ec-cube.net/info/weakness/20230727/ | source : vultures@jpcert.or.jp


Source : mitre.org

Vulnérabilité ID : CVE-2023-38838

Première publication le : 17-08-2023 12:15:09
Dernière modification le : 17-08-2023 12:53:44

Description :
SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote attacker to obtain sensitive information via the edit.php component.

CVE ID : CVE-2023-38838
Source : cve@mitre.org
Score CVSS : /

Références :
http://kidus.com | source : cve@mitre.org
http://minimati.com | source : cve@mitre.org
https://github.com/kiduswb/minimati/issues/1 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38902

Première publication le : 17-08-2023 13:15:11
Dernière modification le : 17-08-2023 16:20:42

Description :
An issue in RG-EW series home routers and repeaters v.EW_3.0(1)B11P204, RG-NBS and RG-S1930 series switches v.SWITCH_3.0(1)B11P218, RG-EG series business VPN routers v.EG_3.0(1)B11P216, EAP and RAP series wireless access points v.AP_3.0(1)B11P218, and NBC series wireless controllers v.AC_3.0(1)B11P86 allows a remote attacker to execute arbitrary code via the unifyframe-sgi.elf component in sub_40DA38.

CVE ID : CVE-2023-38902
Source : cve@mitre.org
Score CVSS : /

Références :
http://rg-ew.com | source : cve@mitre.org
http://ruijie.com | source : cve@mitre.org
https://gist.github.com/ZIKH26/18693c67ee7d2f8d2c60231b19194c37 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-26469

Première publication le : 17-08-2023 19:15:12
Dernière modification le : 17-08-2023 19:15:12

Description :
In Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server.

CVE ID : CVE-2023-26469
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/Orange-Cyberdefense/CVE-repository/tree/master | source : cve@mitre.org
https://jorani.org/security-features-in-lms.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38843

Première publication le : 17-08-2023 19:15:12
Dernière modification le : 17-08-2023 19:15:12

Description :
An issue in Atlos v.1.0 allows an authenticated attacker to execute arbitrary code via a crafted payload into the description field in the incident function.

CVE ID : CVE-2023-38843
Source : cve@mitre.org
Score CVSS : /

Références :
https://gist.github.com/senzee1984/ff30f0914db39d2741ab17332f0fc6e1 | source : cve@mitre.org
https://github.com/atlosdotorg/atlos | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38905

Première publication le : 17-08-2023 19:15:12
Dernière modification le : 17-08-2023 19:15:12

Description :
SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions.

CVE ID : CVE-2023-38905
Source : cve@mitre.org
Score CVSS : /

Références :
https://gist.github.com/wealeson1/e24fc8575f4e051320d69e9a75080642 | source : cve@mitre.org
https://github.com/jeecgboot/jeecg-boot/issues/4737 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39741

Première publication le : 17-08-2023 19:15:12
Dernière modification le : 17-08-2023 19:15:12

Description :
lrzip v0.651 was discovered to contain a heap overflow via the libzpaq::PostProcessor::write(int) function at /libzpaq/libzpaq.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file.

CVE ID : CVE-2023-39741
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/ckolivas/lrzip/issues/246 | source : cve@mitre.org
https://github.com/huanglei3/lrzip_poc/tree/main/lrzip_heap_overflow | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39743

Première publication le : 17-08-2023 19:15:13
Dernière modification le : 17-08-2023 19:15:13

Description :
lrzip-next LZMA v23.01 was discovered to contain an access violation via the component /bz3_decode_block src/libbz3.c.

CVE ID : CVE-2023-39743
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/huanglei3/lrzip-next-poc/tree/main | source : cve@mitre.org
https://github.com/pete4abw/lrzip-next/issues/132 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-31938

Première publication le : 17-08-2023 20:15:09
Dernière modification le : 17-08-2023 20:15:09

Description :
SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the emp_id parameter at employee_detail.php.

CVE ID : CVE-2023-31938
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/DiliLearngent/BugReport/blob/main/php/Online-Travel-Agency-System/bug2-SQL-Injection-emp_id.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-31939

Première publication le : 17-08-2023 20:15:09
Dernière modification le : 17-08-2023 20:15:09

Description :
SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the costomer_id parameter at customer_edit.php.

CVE ID : CVE-2023-31939
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/DiliLearngent/BugReport/blob/main/php/Online-Travel-Agency-System/bug4-SQL-Injection-costomer_id.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-31940

Première publication le : 17-08-2023 20:15:09
Dernière modification le : 17-08-2023 20:15:09

Description :
SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the page_id parameter at article_edit.php.

CVE ID : CVE-2023-31940
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/DiliLearngent/BugReport/blob/main/php/Online-Travel-Agency-System/bug7-SQL-Injection-page_id.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-31941

Première publication le : 17-08-2023 20:15:09
Dernière modification le : 17-08-2023 20:15:09

Description :
File Upload vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via a crafted PHP file to the employee_insert.php.

CVE ID : CVE-2023-31941
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/DiliLearngent/BugReport/blob/main/php/Online-Travel-Agency-System/bug1-File%20upload.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-31942

Première publication le : 17-08-2023 20:15:09
Dernière modification le : 17-08-2023 20:15:09

Description :
Cross Site Scripting vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the description parameter in insert.php.

CVE ID : CVE-2023-31942
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/DiliLearngent/BugReport/blob/main/php/Online-Travel-Agency-System/bug9-XSS-description.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-31943

Première publication le : 17-08-2023 20:15:09
Dernière modification le : 17-08-2023 20:15:09

Description :
SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the ticket_id parameter at ticket_detail.php.

CVE ID : CVE-2023-31943
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/DiliLearngent/BugReport/blob/main/php/Online-Travel-Agency-System/bug6-SQL-Injection-ticket_id.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-31944

Première publication le : 17-08-2023 20:15:10
Dernière modification le : 17-08-2023 20:15:10

Description :
SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the emp_id parameter at employee_edit.php.

CVE ID : CVE-2023-31944
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/DiliLearngent/BugReport/blob/main/php/Online-Travel-Agency-System/bug3-SQL-Injection-emp_id2.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-31945

Première publication le : 17-08-2023 20:15:10
Dernière modification le : 17-08-2023 20:15:10

Description :
SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the id parameter at daily_expenditure_edit.php.

CVE ID : CVE-2023-31945
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/DiliLearngent/BugReport/blob/main/php/Online-Travel-Agency-System/bug5-SQL-Injection-id.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-31946

Première publication le : 17-08-2023 20:15:10
Dernière modification le : 17-08-2023 20:15:10

Description :
File Upload vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via a crafted PHP file to the artical.php.

CVE ID : CVE-2023-31946
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/DiliLearngent/BugReport/blob/main/php/Online-Travel-Agency-System/bug8-File%20upload2.md | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36106

Première publication le : 17-08-2023 20:15:10
Dernière modification le : 17-08-2023 20:15:10

Description :
An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list.

CVE ID : CVE-2023-36106
Source : cve@mitre.org
Score CVSS : /

Références :
https://gist.github.com/tztdsb/a653b6db328199ec0f55e54b4e466415#file-gistfile1-txt | source : cve@mitre.org
https://gitee.com/KFCFans/PowerJob | source : cve@mitre.org


Source : apache.org

Vulnérabilité ID : CVE-2023-40272

Première publication le : 17-08-2023 14:15:10
Dernière modification le : 17-08-2023 19:15:13

Description :
Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection giving an opportunity to read files on the Airflow server. It is recommended to upgrade to a version that is not affected.

CVE ID : CVE-2023-40272
Source : security@apache.org
Score CVSS : /

Références :
http://www.openwall.com/lists/oss-security/2023/08/17/1 | source : security@apache.org
https://lists.apache.org/thread/t03gktyzyor20rh06okd91jtqmw6k1l7 | source : security@apache.org

Vulnérabilité : CWE-20


Source : joomla.org

Vulnérabilité ID : CVE-2023-39970

Première publication le : 17-08-2023 21:15:09
Dernière modification le : 17-08-2023 21:15:09

Description :
Unrestricted Upload of File with Dangerous Type vulnerability in AcyMailing component for Joomla. It allows remote code execution.

CVE ID : CVE-2023-39970
Source : security@joomla.org
Score CVSS : /

Références :
https://extensions.joomla.org/extension/acymailing-starter/ | source : security@joomla.org

Vulnérabilité : CWE-434


Vulnérabilité ID : CVE-2023-39971

Première publication le : 17-08-2023 21:15:09
Dernière modification le : 17-08-2023 21:15:09

Description :
Improper Neutralization of Input During Web Page Generation vulnerability in AcyMailing Enterprise component for Joomla allows XSS. This issue affects AcyMailing Enterprise component for Joomla: 6.7.0-8.6.3.

CVE ID : CVE-2023-39971
Source : security@joomla.org
Score CVSS : /

Références :
https://extensions.joomla.org/extension/acymailing-starter/ | source : security@joomla.org
https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/ | source : security@joomla.org

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-39972

Première publication le : 17-08-2023 21:15:09
Dernière modification le : 17-08-2023 21:15:09

Description :
Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized users to create new mailing lists.

CVE ID : CVE-2023-39972
Source : security@joomla.org
Score CVSS : /

Références :
https://extensions.joomla.org/extension/acymailing-starter/ | source : security@joomla.org
https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/ | source : security@joomla.org

Vulnérabilité : CWE-284


Vulnérabilité ID : CVE-2023-39973

Première publication le : 17-08-2023 21:15:09
Dernière modification le : 17-08-2023 21:15:09

Description :
Improper Access Control vulnerability in AcyMailing Enterprise component for Joomla. It allows the unauthorized removal of attachments from campaigns.

CVE ID : CVE-2023-39973
Source : security@joomla.org
Score CVSS : /

Références :
https://extensions.joomla.org/extension/acymailing-starter/ | source : security@joomla.org
https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/ | source : security@joomla.org

Vulnérabilité : CWE-284


Vulnérabilité ID : CVE-2023-39974

Première publication le : 17-08-2023 21:15:09
Dernière modification le : 17-08-2023 21:15:09

Description :
Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized actors to get the number of subscribers in a specific list.

CVE ID : CVE-2023-39974
Source : security@joomla.org
Score CVSS : /

Références :
https://extensions.joomla.org/extension/acymailing-starter/ | source : security@joomla.org
https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/ | source : security@joomla.org

Vulnérabilité : CWE-200


Ce site web utilise l'API de la NVD, mais n'est pas approuvé ou certifié par la NVD.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.