| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| An improper access check allows privilege escalation through the com_users batch task. |
| An improper access check allows privelege escalation through the com_users group editing webservice endpoint. |
| Lack of output escaping leads to a XSS vector in the feed modules. |
| An improper access check allows unauthorized access to com_config webservice endpoints. |
| The password and username reset features created plain http links for https connections if the "Force SSL" flag wasn't explicitly set. |
| An improper access check allowed low privileged users to edit the task types of existing scheduler tasks. |
| An improper access check allows privilege escalation through the com_users batch task. |
| Algernon is a small self-contained pure-Go web server. Prior to 1.17.8, when algernon is started with --domain (or --letsencrypt, which silently turns on --domain at engine/flags.go:372), the request handler resolves the served directory by joining the configured --dir with the value of the client-supplied Host header. The join is performed by filepath.Join with no validation, so a Host: .. header walks one level above the document root. Subsequent file resolution then exposes everything in that parent directory — arbitrary file read, full directory listing, and, if any .lua file is present, server-side Lua execution. This vulnerability is fixed in 1.17.8. |
| Lack of output escaping leads to a XSS vector in the multilingual associations component. |
| Insufficient state checks lead to a vector that allows to bypass 2FA checks. |
| Lack of input filtering leads to an XSS vector in the HTML filter code. |
| An improper validation of the search parameter of the com_media files API endpoint leads to a path traversal vulnerability. |
| MedDream PACS Server Premium 6.7.1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the email parameter. Attackers can submit crafted POST requests to the userSignup.php endpoint with SQL payloads in the email field to extract sensitive database information from the backend MySQL database. |
| Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload and paste it into the Name and Code fields of the Help > Register dialog to trigger a reverse shell with system privileges. |
| Improper Control of Generation of Code ('Code Injection') vulnerability in VideoWhisper.Com Broadcast Live Video allows Code Injection.
This issue affects Broadcast Live Video: from n/a before 7.1.3. |
| Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Sunshine Photo Cart: from n/a through 3.6.7. |
| A weakness has been identified in blitz-js blitz up to 3.0.2 on GitHub. This impacts an unknown function of the file packages/generator/templates/app/src/app/auth/components/LoginForm.tsx of the component Sign-in. This manipulation of the argument Next causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. |
| A missing authorization vulnerability in Zyxel GS1200-5v3 firmware versions through 1.00(ACPS.2)C0, GS1200-8v3 firmware versions through 1.00(ACPT.2)C0, GS1200-5HPv3 firmware versions through 1.00(ACPU.2)C0, GS1200-8HPv3 firmware versions through 1.00(ACPV.2)C0, and GS1200-10v3 firmware versions through 1.00(ACPW.2)C0 could allow a LAN-based, unauthenticated attacker to read the system configuration from a log file via a crafted HTTP request. |
| MediaArea MediaInfoLib ID3v2 parsing heap buffer overflow vulnerability |
| MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability |
