TechMedia

Category

MODERATE

588 Posts

Featured

Posted by Wpmaster
[vitess.io/vitess] vitess allows users to create keyspaces that can deny access to already existing keyspaces
Posted by Wpmaster
[github.com/answerdev/answer] Answer vulnerable to account takeover because password reset links do not expire
Posted by Wpmaster
[thorsten/phpmyfaq] thorsten/phpmyfaq vulnerable to improper access control
Posted by Wpmaster
[thorsten/phpmyfaq] thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via updatecategory parameter

[passport-wsfed-saml2] Authentication Bypass for passport-wsfed-saml2

  • Posted in MODERATE
  • Posted by Wpmaster
  • 12/14/2022 12/16/2022

Overview
A remote attacker can bypass WSFed authentication on a website using passport-wsfed-saml2. A successful attack requires that the attacker is in possession of an arbitrary IDP signed WSFed assertion. Depending on the IDP used, fully unauthentic…

[typo3/cms] TYPO3 CMS vulnerable to Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration

  • Posted in MODERATE
  • Posted by Wpmaster
  • 12/14/2022 12/15/2022

Problem
Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend module, attackers could expose sensitive internal information, such as system configuration or HTTP request messages of other website visi…

[typo3/cms] TYPO3 CMS vulnerable to Insufficient Session Expiration after Password Reset

  • Posted in MODERATE
  • Posted by Wpmaster
  • 12/14/2022 12/15/2022

Problem
When users reset their password using the corresponding password recovery functionality, existing sessions for that particular user account were not revoked. This applied to both frontend user sessions and backend user sessions.
Solution
Update…

[typo3/cms] TYPO3 CMS vulnerable to Weak Authentication in Frontend Login

  • Posted in MODERATE
  • Posted by Wpmaster
  • 12/14/2022 12/15/2022

Problem
Restricting frontend login to specific users, organized in different storage folders (partitions), can be bypassed. A potential attacker might use this ambiguity in usernames to get access to a different account – however, credentials must be k…

[typo3/cms] TYPO3 CMS vulnerable to Denial of Service in Page Error Handling

  • Posted in MODERATE
  • Posted by Wpmaster
  • 12/14/2022 12/15/2022

Problem
Requesting invalid or non-existing resources via HTTP triggers the page error handler, which again could retrieve content to be shown as an error message from another page. This leads to a scenario in which the application is calling itself rec…

[typo3/cms] TYPO3 HTML Sanitizer vulnerable to Cross-Site Scripting

  • Posted in MODERATE
  • Posted by Wpmaster
  • 12/14/2022 12/14/2022

Problem
Due to a parsing issue in the upstream package masterminds/html5, malicious markup used in a sequence with special HTML CDATA sections cannot be filtered and sanitized. This allows bypassing the cross-site scripting mechanism of typo3/html-sani…

[org.apache.cxf:cxf-core] Apache CXF vulnerable to Exposure of Sensitive Information

  • Posted in MODERATE
  • Posted by Wpmaster
  • 12/14/2022 12/14/2022

A vulnerability in Apache CXF before versions 3.5.5 and 3.4.10 allows an attacker to perform a remote directory listing or code exfiltration. The vulnerability only applies when the CXFServlet is configured with both the static-resources-list and redir…

[cn.hutool:hutool-json] hutool-json stack overflow vulnerability

  • Posted in MODERATE
  • Posted by Wpmaster
  • 12/14/2022 12/14/2022

A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-45688
https://github.com/dromara/hutool/is…

[cn.hutool:hutool-json] hutool-json stack overflow vulnerability

  • Posted in MODERATE
  • Posted by Wpmaster
  • 12/14/2022 12/14/2022

A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service (DoS) via crafted JSON or XML data.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-45690
http…

[mpl-candy-machine] Candy Machine Set Collection During Mint Missing Check

  • Posted in MODERATE
  • Posted by Wpmaster
  • 12/13/2022 12/13/2022

A problem with Candy Machine V2 allows minting NFTs to an arbitrary collection due to a missing check.
Here is a description of the exploit:
Details:
Here is the tx/ix to exploit:
Transaction:
Ix 1: candy_machine v2, mint_nft, passing in empty metadata …
