COWELL INFORMATION SYSTEM CO., LTD. Security Vulnerabilities

CVE-2024-5636

A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file report/index.php. The manipulation of the argument procduct leads to sql injection. The attack may be launched remotely. The.....

CVE-2024-37680

Hangzhou Meisoft Information Technology Co., Ltd. FineSoft <=8.0 is affected by Cross Site Scripting (XSS) which allows remote attackers to execute arbitrary code. Enter any account and password, click Login, the page will report an error, and a controllable parameter will appear at the...

CVE-2024-37680

Hangzhou Meisoft Information Technology Co., Ltd. FineSoft <=8.0 is affected by Cross Site Scripting (XSS) which allows remote attackers to execute arbitrary code. Enter any account and password, click Login, the page will report an error, and a controllable parameter will appear at the...

CVE-2024-36779

Sourcecodester Stock Management System v1.0 is vulnerable to SQL Injection via...

Zend-Captcha Information Disclosure and Insufficient Entropy vulnerability

In Zend Framework, Zend_Captcha_Word (v1) and Zend\Captcha\Word (v2) generate a "word" for a CAPTCHA challenge by selecting a sequence of random letters from a character set. Prior to this advisory, the selection was performed using PHP's internal array_rand() function. This function does not...

Online Birth Certificate System 1.2 - Stored Cross-Site Scripting

Online Birth Certificate System 1.2 contains multiple stored cross-site scripting vulnerabilities in the component /obcs/user/profile.php, which allows an attacker to execute arbitrary web script or HTML via a crafted payload injected into the fname or lname...

Information Disclosure

mantisbt/mantisbt is vulnerable to Information Disclosure. The vulnerability is due to insufficient access checks when generating hyperlinks for users who do not have access, allowing some information to be revealed via the link, link label, and...

Sourcecodester Online Event Booking and Reservation System 2.3.0 - Cross-Site Scripting

Sourcecodester Online Event Booking and Reservation System 2.3.0 contains a cross-site scripting vulnerability in PHP/MySQL via the msg parameter to /event-management/index.php. An attacker can leverage this vulnerability in order to change the visibility of the website. Once the target user...

Zendframework Potential Information Disclosure and Insufficient Entropy vulnerability

In Zend Framework, Zend_Captcha_Word (v1) and Zend\Captcha\Word (v2) generate a "word" for a CAPTCHA challenge by selecting a sequence of random letters from a character set. Prior to this advisory, the selection was performed using PHP's internal array_rand() function. This function does not...

ZendFramework Potential Information Disclosure and Insufficient Entropy vulnerabilities

In Zend Framework 2, the Zend\Math\Rand component generates random bytes using the OpenSSL or Mcrypt extensions when available but will otherwise use PHP's mt_rand() function as a fallback. All outputs from mt_rand() are predictable for the same PHP process if an attacker can brute force the seed.....

Slack integration leaks sensitive information in logs

Impact Sentry's Slack integration incorrectly records the incoming request body in logs. This request data can contain sensitive information, including the deprecated Slack verification token. With this verification token, it is possible under specific configurations, an attacker can forge...

Release Information for Veeam Backup & Replication 12.1 and Updates

Release Information for Veeam Backup & Replication 12.1 and...

Slack integration leaks sensitive information in logs

Impact Sentry's Slack integration incorrectly records the incoming request body in logs. This request data can contain sensitive information, including the deprecated Slack verification token. With this verification token, it is possible under specific configurations, an attacker can forge...

RestroPress – Online Food Ordering System < 3.1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The RestroPress – Online Food Ordering System plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated....

Vehicle Service Management System 1.0 - Stored Cross Site Scripting

Vehicle Service Management System 1.0 contains a stored cross-site scripting vulnerability via the Mechanic List section in login...

Use sha256 for hashing Microdroid system/vendor image (for vbmeta descriptor) | Currently using sha1

In buildPropFile of filesystem.go, there is a possible insecure hash due to an improperly used crypto. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...

Sourcecodester Hotel and Lodge Management System 2.0 - SQL Injection

Sourcecodester Hotel and Lodge Management System 2.0 contains a SQL injection vulnerability via the email parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized...

Certain HP LaserJet Pro Printers – Potential Information Disclosure

A user with device administrative privileges can change existing SMTP server settings on the device, without having to re-enter SMTP server credentials. By redirecting send-to-email traffic to the new server, the original SMTP server credentials may potentially be exposed. Update your printer...

Security Bulletin: This Power System update is being released to address CVE-2024-31916

Summary This affects the BMC's HTTPS-based Redfish interface. Note the BMC's web-based ASMI interface uses the Redfish interface. Vulnerability Details ** CVEID: CVE-2024-31916 DESCRIPTION: **IBM OpenBMC's BMCWeb HTTPS server component could disclose sensitive URI content to an unauthorized actor.....

Prison Management System Using PHP SQL Injection

...

HP PC BIOS May 2024 Security Updates for Potential Stack Buffer Overflows

Potential vulnerabilities have been identified in the system BIOS for certain HP PC products, which might allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerabilities. HP has identified affected platforms and corresponding SoftPaqs...

Cleartext Transmission Of Sensitive Information

NASA AIT-Core is vulnerable to Cleartext Transmission of Sensitive Information. The vulnerability is due to using unencrypted channels to exchange data over the network, which allows an attacker to conduct a Man-in-the-Middle...

WordPress WPS Hide Login <1.9.1 - Information Disclosure

WordPress WPS Hide Login plugin before 1.9.1 is susceptible to incorrect authorization. An attacker can obtain the secret login page by setting a random referer string and making a request to /wp-admin/options.php as an unauthenticated user. This reveals the secret login...

4BRO Insecure Direct Object Reference / API Information Exposure

...

CVE-2024-5635

A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument txtsearch leads to sql injection. The attack can be launched remotely....

Sensitive Information leak via Log File in Kubernetes

In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log. This affects &lt;...

Important: pcp security update

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....

Eclipse Jetty <9.2.9.v20150224 - Sensitive Information Leakage

Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP...

Important: pcp security update

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....

[ADP Grant] System Tracing can be used even if DISALLOW_DEBUGGING_FEATURES has been applied (MainTvActivity)

In various functions of various files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

Hashicorp Vault may expose sensitive log information in github.com/hashicorp/vault

Hashicorp Vault may expose sensitive log information in...

Information Disclosure

github.com/zitadel/zitadel is vulnerable to an Information Disclosure. The vulnerability is due to inadequate error handling, which can allows expose sensitive database connection information to users during a connection...

Security Bulletin: IBM QRadar Suite software is vulnerable to information exposure

Summary IBM QRadar Suite software is vulnerable to information exposure through cache data. This has been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version. Vulnerability...

Keycloak exposes sensitive information in Pushed Authorization Requests (PAR)

A flaw was found in Keycloak in the OAuth 2.0 Pushed Authorization Requests (PAR). Client provided parameters were found to be included in plain text in the KC_RESTART cookie returned by the authorization server's HTTP response to a request_uri authorization request. This could lead to an...

Advanced Contact form 7 DB <= 2.0.2 - Sensitive Information Exposure

Description The Advanced Contact form 7 DB plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.2 via the wp-content/uploads/advanced-cf7-upload directory. This makes it possible for unauthenticated attackers to extract sensitive data...

Aimeos HTML client may potentially reveal sensitive information in error log

Impact Debug information can reveal sensitive information from environment variables in error log Affected platform Laravel environments with multi-vendor setups and admin access for the...

[ADP Grant] System Tracing can be used even if DISALLOW_DEBUGGING_FEATURES has been applied (MainActivity)

In multiple functions of multiple files, there is a possible way to bypass the DISALLOW_DEBUGGING_FEATURES restriction for tracing due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for.....

APM Server vulnerable to Insertion of Sensitive Information into Log File

An issue was discovered whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document. Depending on the nature of the document that the APM Server attempted to ingest, this...

D-Link DIR-610 Devices - Information Disclosure

D-Link DIR-610 devices allow information disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1 to...

Aimeos HTML client may potentially reveal sensitive information in error log

Debug information can reveal sensitive information from environment variables in error...

Cilium leaks sensitive information in cilium-bugtool in github.com/cilium/cilium

Cilium leaks sensitive information in cilium-bugtool in...

Chauffeur Taxi Booking System for WordPress < 7.0 - Authentication Bypass

Description The Chauffeur Taxi Booking System for WordPress plugin for WordPress is vulnerable to authenticated bypass in all versions up to, and including, 6.9. This is due to the plugin not properly validating a user's identity. This makes it possible for unauthenticated attackers to perform...

Sensitive Information Disclosure

github.com/helm/helm/ is vulnerable to Sensitive Information Disclosure. The vulnerability is due to displaying secret values during a --dry-run call, posing a security risk of information disclosure, especially in CI/CD tool...

Sourcecodester Car Rental Management System 1.0 - Stored Cross-Site Scripting

Sourcecodester Car Rental Management System 1.0 is vulnerable to cross-site scripting via the vehicalorcview...

Red Hat JBoss Enterprise Application Platform - Sensitive Information Disclosure

Red Hat JBoss Enterprise Application Platform 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 is susceptible to sensitive information disclosure. A remote attacker can obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true...

TYPO3 Information Disclosure Vulnerability Exploitable by Editors

It has been discovered, that editors with access to the file list module could list all files names and folder names in the root directory of a TYPO3 installation. Modification of files, listing further nested directories or retrieving file contents was not possible. A valid backend user account...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum Security Gateway Firmware

CVE-2024-24919-Exploit Overview This repository contains...

Security Bulletin: This Power System update is being released to address CVE-2023-37453

Summary This affects the BMC's physical USB ports. Vulnerability Details ** CVEID: CVE-2023-37453 DESCRIPTION: **Linux Kernel is vulnerable to a denial of service, caused by an out-of-bounds flaw in the read_descriptors function in drivers/usb/core/sysfs.c in the USB subsystem. By using a...

Prison Management System - SQL Injection Authentication Bypass

...

TYPO3 Disclosure of Information about Installed Extensions

It has been discovered that mechanisms used for configuration of RequireJS package loading are susceptible to information disclosure. This way a potential attack can retrieve additional information about installed system and third party...