ABB Cylon Aspect version 3.07.02 uses a weak set of default administrative credentials that can be guessed in remote password attacks and used to gain full control of the system.
abdeff4284c7fe44c3e55417d31b7d1ca3841538897dfe4c0808b510db1dacc3
ABB Cylon Aspect version 3.08.00 suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the MODEM HTTP POST parameter called by the dialupSwitch.php script.
a4086eec7a5ee5c9db9cd5f10469f947a7061c1d4d1d322d7820c84737b04b5e
ABB Cylon Aspect version 3.07.02 suffers from a vulnerability that allows an unauthenticated attacker to enable or disable the SSH daemon by sending a POST request to sshUpdate.php with a simple JSON payload. This can be exploited to start the SSH service on the remote host without proper authentication, potentially enabling unauthorized access or stop and deny service access.
b3763bcb69fec8fa8456518bda4905438794f1034a56b68246980d06fc740b58
TerraMaster TOS version 4.2.29 suffers from a remote code injection vulnerability leveraging a local file inclusion vulnerability.
47788fafaa57a0578fe61fae3aba9174fdcd4e9caddb1374b93de92e53260e4a
SolarView Compact version 6.00 suffers from a PHP code injection vulnerability.
afb7c824b8a452a7e349a92945e4f923c65efb017c72b8f15dc3710d87d468e4
Openfire version 4.8.0 suffers from authentication bypass and code injection vulnerabilities.
eefc137002c1066cce87682437ffa243da616e4655906ff7e940a9880c1521fa
MagnusBilling version 6.x suffers from a PHP code injection vulnerability.
8afee02e52dfc7e60f0795a499d4d51a65da1ef81b17761aba9000d194ee19be
Kafka UI version 0.7.1 suffers from a remote code injection vulnerability.
f6954aa312113773c4c6cf140221ca2fecef7f97142ccba843f932cb4517b4e9
GL.iNet version 4.4.3 suffers from authentication bypass and code injection vulnerabilities.
c0bd892d4ce8d30e3432ddef1187ae27e61ca1614db2d2530154b6a6e003a28c
Gibbon School Platform version 26.0.00 suffers from a PHP code injection vulnerability.
e4e57257a6af48db80f9631152fb25298130f59964899699bca602c17cfd7836
Craft CMS version 4.4.14 suffers from a PHP code injection vulnerability.
1f149768386bf46995caf4d51e649f8b66d41ec64b6663664584c8357eb34ffb
Chamilo version 1.11.18 suffers from a PHP code injection vulnerability.
96e2fd6800e4eae0de444f883558a648f96062c2ef4ccf1b635571eb64c66dde
Artica Proxy version 4.40 suffers from a code injection vulnerability that provides a reverse shell.
c1517d7efd5b58efb0947f3e574c94e4dff36e9127ec54ebd5658e96d60b3efb
ABB Cylon Aspect version 3.08.01 has a directory traversal vulnerability that can be exploited by an unauthenticated attacker to list the contents of arbitrary directories without reading file contents, leading to information disclosure of directory structures and filenames. This may expose sensitive system details, aiding in further attacks. The issue lies in the listFiles() function of the persistenceManagerAjax.php script, which calls PHP's readdir() function without proper input validation of the directory POST parameter.
6fe5412f92cf9da09187b01562243fec9b9cf0b1251cbfd3a890fd1a773702c5
Palo Alto Networks GlobalProtect versions 5.1.x, 5.2.x, 6.0.x, 6.1.x, 6.3.x and versions less than 6.2.5 suffer from a local privilege escalation vulnerability.
bdf5f12114d9810353407e9bf2aa69dff68a900d64bc056a6fe658b1f27ea756
Android GKI kernels contain broken non-upstream Speculative Page Faults MM code that can lead to use-after-free conditions.
66f3d20525ff0676542d2ca32e25362978413e0665982d4a600608e52b0a2fcf
There is an integer overflow in dav1d when decoding an AV1 video with large width/height. The integer overflow may result in an out-of-bounds write.
2e6ee0c003e7075d02a19941dea59ff9838200ead28039478bb67d1a365c5bdc
ABB Cylon Aspect version 3.08.01 suffers from an arbitrary file deletion vulnerability. Input passed to the file parameter in calendarFileDelete.php is not properly sanitized before being used to delete calendar files. This can be exploited by an unauthenticated attacker to delete files with the permissions of the web server using directory traversal sequences passed within the affected POST parameter.
af2f7d68963611fa4772fa49e8fd86c81c3df85b1983689743ab1d4ffc0561a5
The Top module for PHP-Nuke versions 6.x and below 7.6 suffers from a remote SQL injection vulnerability.
3a92ffde9b535fb265d6a04a22334f353b0ca9559e82557ef8693c270d32986f
GenGravSSTIExploit is a proof of concept Python script that exploits an authenticated server-side template injection (SSTI) vulnerability in Grav CMS versions 1.7.44 and below. This vulnerability allows a user with editor permissions to execute OS commands on a remote server.
320840a574bd1e39d76e644a70206a220bf7e080390462bcc9fbdf69d6cd628a
This script exploits the issue noted in CVE-2024-45409 that allows an unauthenticated attacker with access to any signed SAML document issued by the IDP to forge a SAML Response/Assertion and gain access as any user on GitLab. Ruby-SAML versions below or equal to 12.2 and versions 1.13.0 through 1.16.0 do not properly verify the signature of the SAML Response.
d08713f2b53b8375bee1c935a8aa40df427334d91a9660f64086fe0c225c0c55
This is a thorough write up of how to exploit a local privilege escalation vulnerability in iTunes for Windows version 12.13.2.3. Apple fixed this in version 12.13.3.
d695b4f1b1028346552105f4ee8239edee8add156e7b797895b5d5337070f75f
ABB Cylon Aspect versions 3.08.00 and below suffer from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the SYSLOG HTTP POST parameter called by the syslogSwitch.php script.
bd108fa7ce900744b1676f5426423c1034cfcf86df1a6c72f006197b3c7c4616
ABB Cylon Aspect versions 3.08.01 and below suffer from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the Footer HTTP POST parameter called by the caldavUtil.php script.
8a578a88dc628bdf9030f24dfeb5efed5a2916122d7b2c6617ee5215c5c7a0d4
ABB Cylon Aspect versions 3.08.00 and below suffer from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the timeserver HTTP POST parameter called by the setTimeServer.php script.
7a951ff7fa25dce192577e79009a2ecc161d07c5d3e93a4698034aee54606ea7