An authenticated stored Cross-Site Scripting (XSS) vulnerability was found in Pimcore's Data Object Classification Store feature. This vulnerability occurs due to inadequate input filtering, enabling an authenticated attacker with access to the classification store to insert harmful JavaScript code. When other users view the impacted data, this injected code runs within their browser context.
The ABB Cylon Aspect 3.08.03 BMS/BAS controller is vulnerable to SQL injection through the key and user parameters, as they are not properly sanitized. This allows attackers to manipulate SQL queries, potentially leading to unauthorized access to the database or execution of arbitrary SQL commands.
An information disclosure vulnerability has been found in the GeoVision GV-ASManager web application with version 6.1.0.0 or lower. This vulnerability allows unauthorized access to sensitive information within the application, such as user accounts and clear text passwords, potentially leading to unauthorized access to monitoring cameras, access cards, and other critical data.
Vite versions <= 6.2.2, <= 6.1.1, <= 6.0.11, <= 5.4.14, <= 4.5.9 have a vulnerability that allows access to files outside the Vite serving allow list by adding specific query strings like `?raw??` or `?import&raw??` to the URL. This issue arises due to the removal of trailing separators in certain instances without considering them in query string regexes. Attackers can retrieve content from arbitrary files if present, affecting only applications explicitly exposing the Vite dev server to the network. Versions 6.2.3, 6.1.2, 6.0.12, 5.4.15, and 4.5.10 address this vulnerability.
A vulnerability in AppSmith versions prior to v1.52 allows unauthenticated remote code execution due to a misconfigured PostgreSQL database that permits execution of the COPY FROM PROGRAM command. Attackers can exploit this to run arbitrary commands on the system hosting the application.
The WordPress Frontend Login and Registration Blocks Plugin version 1.0.7 allows attackers to escalate privileges by exploiting a vulnerability in the 'flrblocksusersettingsupdatehandle' action. This can lead to unauthorized changes in user settings.
The WordPress User Registration & Membership Plugin version 4.1.1 and below allows unauthenticated users to escalate privileges. An attacker can exploit this vulnerability to gain unauthorized access and perform malicious actions.
The ABB Cylon Aspect version 3.08.02 application is vulnerable to storing sensitive information in clear text within a Cookie. This includes the global parameter, where base64-encoded credentials are stored. By exploiting this vulnerability, a remote attacker can intercept the HTTP Cookie, gaining access to authentication credentials through a man-in-the-middle attack, potentially leading to unauthorized access to user accounts and sensitive data.
Reservit Hotel plugin version 2.1 does not properly sanitize and escape certain settings, allowing high privilege users, like admin, to execute Stored Cross-Site Scripting attacks. This vulnerability can be exploited even when the unfiltered_html capability is restricted.
The ABB Cylon Aspect BMS/BAS controller before 3.08.02 is vulnerable to authenticated OS command injection. Attackers can upload a specially crafted .db file that contains malicious shell commands. These commands are then executed on the server through the copyFile.sh script, bypassing filename sanitization.