The Angular-Base64-Upload Library version 0.1.21 and prior is vulnerable to unauthenticated remote code execution (RCE). An attacker can exploit this vulnerability to execute arbitrary code on the target system without authentication. This exploit has been assigned CVE-2024-42640.
Garage Management System 1.0 is vulnerable to stored XSS due to inadequate client-side validation. An attacker can manipulate a request using tools like Burp Suite to evade validation, leading to the injection of malicious scripts into the 'categoriesName' parameter. This can result in the execution of arbitrary scripts in the context of the user's browser.
The ABB Cylon Aspect BMS/BAS controller is vulnerable to session fixation, allowing an attacker to set a predefined PHPSESSID value. This can be exploited by leveraging an unauthenticated reflected XSS vulnerability in jsonProxy.php to inject a crafted request, forcing the victim to adopt a fixated session.
A stored XSS vulnerability in Nagios Log Server 2024R1.3.1 allows a low-privileged user to inject malicious JavaScript into the 'email' field of their profile. When an administrator views the audit logs, the script executes, resulting in privilege escalation via unauthorized admin account creation. The vulnerability can be chained to achieve remote code execution (RCE) in certain configurations.
SureTriggers OttoKit Plugin version 1.0.82 and below is vulnerable to privilege escalation. By exploiting this vulnerability, an attacker can create an administrator account on the target WordPress site if the plugin is installed but uninitialized, and the site displays the REST API endpoint '/wp-json/sure-triggers/v1/automation/action'. The attacker can send a crafted HTTP POST request to achieve this.
NVIDIA Container Toolkit 1.16.1 and earlier versions are vulnerable to a Time-of-check Time-of-Use (TOCTOU) exploit. An attacker can leverage a specially crafted container image to access the host file system when default configurations are used. This exploit could result in various consequences such as code execution, denial of service, privilege escalation, information disclosure, and data manipulation.
The ABB BMS/BAS controller in ABB Cylon Aspect 3.08.02 allows authenticated users to store malicious scripts. By manipulating the 'host' POST parameter, an attacker can inject arbitrary HTML/JS code into the application. This can lead to the execution of unauthorized code within the user's browsing session.
An open redirect vulnerability exists in KodExplorer 4.52. By manipulating the 'link' parameter in the URL, an attacker can craft a malicious URL that appears legitimate to redirect users to a different, malicious website upon login.
The ABB Cylon Aspect BMS/BAS controller version 4.00.00 is vulnerable to unauthenticated reflected cross-site scripting (XSS) through the 'title' GET parameter. Attackers can execute malicious HTML/JS code in a user's browser within the context of the affected site.
IBM Navigator for i is vulnerable to a security token bypass issue (CVE-2024-51464). By manipulating the last eight digits of the security token ID, an authenticated attacker can craft a specially designed request to bypass the Navigator for i interface restrictions. This allows the attacker to perform unauthorized operations remotely, exploiting the integrity check mechanism of the web application.
Services By CQR