WP Design Maps & Places Security Vulnerabilities

Exploit for CVE-2022-20452

Android 13 introduces many enhancements in order to harden...

CVE-2024-4609

A vulnerability exists in the Rockwell Automation FactoryTalk® View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if the SQL database has no authentication in place or if legitimate credentials were stolen. If exploited, the attack could result in...

CVE-2024-1262

A vulnerability, which was classified as critical, has been found in Juanpao JPShop up to 1.5.02. This issue affects the function actionUpdate of the file /api/controllers/merchant/design/MaterialController.php of the component API. The manipulation of the argument pic_url leads to unrestricted...

CVE-2024-35895 bpf, sockmap: Prevent lock inversion deadlock in map delete elem

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Because BPF tracing programs can be invoked from any...

CVE-2023-1354

A vulnerability has been found in SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file register.php. The manipulation of the argument...

CVE-2024-35895 bpf, sockmap: Prevent lock inversion deadlock in map delete elem

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Because BPF tracing programs can be invoked from any...

CVE-2023-2863

A vulnerability has been found in Simple Design Daily Journal 1.012.GP.B on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the component SQLite Database. The manipulation leads to cleartext storage in a file or on disk. It is possible to launch....

CVE-2006-5460

Multiple PHP remote file inclusion vulnerabilities in Hinton Design phpht Topsites allow remote attackers to execute arbitrary PHP code via a URL in the phpht_real_path parameter to (1) index.php, (2) certain other scripts in the top-level directory, and (3) certain scripts in the admin/...

Exploit for Deserialization of Untrusted Data in Apache Log4J

Log4J-CVE-Detect This repository contains a set of YARA...

CVE-2019-11444

An issue was discovered in Liferay Portal CE 7.1.2 GA3. An attacker can use Liferay's Groovy script console to execute OS commands. Commands can be executed via a [command].execute() call, as demonstrated by "def cmd =" in the ServerAdminPortlet_script value to group/control_panel/manage. Valid...

CVE-2019-11444

An issue was discovered in Liferay Portal CE 7.1.2 GA3. An attacker can use Liferay's Groovy script console to execute OS commands. Commands can be executed via a [command].execute() call, as demonstrated by "def cmd =" in the ServerAdminPortlet_script value to group/control_panel/manage. Valid...

Concrete CMS 9.2.7 Cross Site Scripting / Open Redirect Vulnerabilities

Concrete CMS version 9.2.7 suffers from information disclosure, open redirection, and persistent cross site scripting...

Code Reviewer

Reviews...

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities in multiple Open Source Software (OSS) components

Summary There are vulnerabilities in multiple Open Source Software (OSS) components consumed by IBM Planning Analytics Workspace. These issues have been addressed in IBM Planning Analytics 2.1.3 and IBM Planning Analytics 2.0.96 by upgrading or removing the vulnerable libraries. Please refer to...

Doppler: Acquisition on broken link listed on the page "https://docs.doppler.com/docs/removal-deprecated-packages-scripts in [scheduling a call]

Summary: Docs doppler has an unclaimed broken link on its doc page which can be claimed by any malicious user. Steps to reproduce: 1.Visit https://docs.doppler.com/docs/removal-deprecated-packages-scripts 2.Click on scheduling a call. {F3122702} The scheduling a call page points to...

CVE-2023-29218

The Twitter Recommendation Algorithm through ec83d01 allows attackers to cause a denial of service (reduction of reputation score) by arranging for multiple Twitter accounts to coordinate negative signals regarding a target account, such as unfollowing, muting, blocking, and reporting, as...

CVE-2022-23835

The Visual Voice Mail (VVM) application through 2022-02-24 for Android allows persistent access if an attacker temporarily controls an application that has the READ_SMS permission, and reads an IMAP credentialing message that is (by design) not displayed to the victim within the AOSP SMS/MMS...

Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Device Config

Title: Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Device Config Advisory ID: ZSL-2024-5819 Type: Local/Remote Impact: Security Bypass, Privilege Escalation, System Access, DoS Risk: (5/5) Release Date: 17.04.2024 Summary The REBLE610 features an accurate hardware design, absence of...

CVE-2023-1352

A vulnerability, which was classified as critical, has been found in SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System 1.0. This issue affects some unknown processing of the file /admin/login.php. The manipulation of the argument txtusername/txtpassword leads to.....

CVE-2022-23835

The Visual Voice Mail (VVM) application through 2022-02-24 for Android allows persistent access if an attacker temporarily controls an application that has the READ_SMS permission, and reads an IMAP credentialing message that is (by design) not displayed to the victim within the AOSP SMS/MMS...

CVE-2023-29218

The Twitter Recommendation Algorithm through ec83d01 allows attackers to cause a denial of service (reduction of reputation score) by arranging for multiple Twitter accounts to coordinate negative signals regarding a target account, such as unfollowing, muting, blocking, and reporting, as...

CVE-2024-4077

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AndonDesign UDesign allows Reflected XSS.This issue affects UDesign: from n/a through...

Exploit for Deserialization of Untrusted Data in Apache Log4J

Log4J-CVE-Detect This repository contains a set of YARA...

Concrete CMS 9.2.7 Cross Site Scripting / Open Redirect

...

CVE-2024-4077

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AndonDesign UDesign allows Reflected XSS.This issue affects UDesign: from n/a through...

CVE-2024-26924

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with large batches of elements with a back-to-back add/remove pattern. Quoting Pablo: add_elem("00000000") timeout 100 ms ... add_elem("0000000X")...

[SECURITY] Fedora 38 Update: python-django3-3.2.25-2.fc38

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself)...

CVE-2024-26924

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: do not free live element Pablo reports a crash with large batches of elements with a back-to-back add/remove pattern. Quoting Pablo: add_elem("00000000") timeout 100 ms ... add_elem("0000000X") timeout...

CVE-2024-4077 WordPress UDesign theme <= 4.7.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AndonDesign UDesign allows Reflected XSS.This issue affects UDesign: from n/a through...

ENL Newsletter <= 1.0.1 - Campaign Deletion via CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in admins delete arbitrary Campaigns via a CSRF...

CVE-2024-3059

The ENL Newsletter WordPress plugin through 1.0.1 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete arbitrary Campaigns via a CSRF...

RHEL 7 : gitpython (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. GitPython: Insecure non-multi options in clone and clone_from is not blocked (CVE-2023-40267) GitPython...

ENL Newsletter <= 1.0.1 - Stored XSS via CSRF

Description The plugin does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF...

WP Go Maps < 9.0.35 - Information Exposure to Potential Denial of Service

Description The plugin is vulnerable to unauthenticated API key disclosure due to the plugin adding the API key to several plugin files. This makes it possible for unauthenticated attackers to obtain the developer's Google API key. While this does not affect the security of sites using this...

CVE-2024-29003

The SolarWinds Platform was susceptible to a XSS vulnerability that affects the maps section of the user interface. This vulnerability requires authentication and requires user...

CVE-2023-25178 Controller design flaw - unsigned firmware

Controller may be loaded with malicious firmware which could enable remote code execution. See Honeywell Security Notification for recommendations on upgrading and...

MM-email2image <= 0.2.5 - Stored XSS via CSRF

Description The plugin does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF...

CVE-2003-0249

PHP treats unknown methods such as "PoSt" as a GET request, which could allow attackers to intended access restrictions if PHP is running on a server that passes on all methods, such as Apache httpd 2.0, as demonstrated using a Limit directive. NOTE: this issue has been disputed by the Apache...

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-010)

The version of kernel installed on the remote host is prior to 5.4.162-86.275. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-010 advisory. A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler...

CVE-2024-3058

The ENL Newsletter WordPress plugin through 1.0.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF...

CVE-2024-3076

The MM-email2image WordPress plugin through 0.2.5 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF...

CVE-2024-31269 WordPress Easy Google Maps plugin <= 1.11.11 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Easy Google Maps.This issue affects Easy Google Maps: from n/a through...

Apache Tomcat 9.0.0.M1 < 9.0.5 Insecure CGI Servlet Search Algorithm Description Weakness

The version of Apache Tomcat installed on the remote host is 9.0.x prior to 9.0.5. It is, therefore, affected by a security constraints flaw which could expose resources to unauthorized users.); # http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.5 ...

CVE-2003-0249

PHP treats unknown methods such as "PoSt" as a GET request, which could allow attackers to intended access restrictions if PHP is running on a server that passes on all methods, such as Apache httpd 2.0, as demonstrated using a Limit directive. NOTE: this issue has been disputed by the Apache...

About the security content of macOS Monterey 12.7.5

About the security content of macOS Monterey 12.7.5 This document describes the security content of macOS Monterey 12.7.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

[SECURITY] Fedora 39 Update: python-django-4.2.11-2.fc39

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself)...

Important: kernel

Issue Overview: 2024-06-06: CVE-2021-47006 was added to this advisory. 2024-05-23: CVE-2021-47013 was added to this advisory. 2024-05-23: CVE-2021-46960 was added to this advisory. 2024-05-23: CVE-2021-47166 was added to this advisory. 2024-05-23: CVE-2021-46955 was added to this advisory....

RHEL 6 : procps-ng,_procps (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. procps-ng, procps: Local privilege escalation in top (CVE-2018-1122) procps-ng, procps is vulnerable to...

Cisco IOS XE Software Overlay Transport Virtualization (OTV) DoS

The remote Cisco device is affected by a denial of service vulnerability due to improper processing of oversized Overlay Transport Virtualization (OTV) frames. An unauthenticated, adjacent attacker can exploit this, by sending a large number of oversized OTV frames requiring fragmentation and...

CVE-2024-32004

A vulnerability was found in Git. This vulnerability can be exploited by an unauthenticated attacker who places a specialized repository on the target's local system. If the victim clones this repository, the attacker can execute arbitrary code. Mitigation Exercise caution when cloning...