Leaking password-protected article content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vulnerability to view the contents of any password-protected article present on the publify webs…
[publify_core] Incorrect Authorization in publify
Improper Access Control in GitHub repository publify/publify prior to 9.2.8. Anonymous users can’t view but can leave comments on an article in draft mode.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-0574
https://github.com/publify/publify/co…
[publify_core] Code injection in publify
Code Injection in GitHub repository publify/publify prior to 9.2.8.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-0578
https://github.com/publify/publify/commit/b50df050c593cc532b2c516792989bcfce2d73f7
https://huntr.dev/bounties/02c81928-eb47-4…
[IpMatcher] Improper Input Validation in IpMatcher
An Input Validation Vulnerability exists in Joel Christner .NET C# packages WatsonWebserver, IpMatcher 1.0.4.1 and below (IpMatcher) and 4.1.3 and below (WatsonWebserver) due to insufficient validation of input IP addresses and netmasks against the int…
[org.craftercms:craftercms] Improper Control of Dynamically-Managed Code Resources in Crafter CMS
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-23267
http…
[org.craftercms:craftercms] Log value insertion in craftercms
An anonymous user can craft a URL with text that ends up in the log viewer as is. The text can then include textual messages to mislead the administrator.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-23266
https://docs.craftercms.org/en/3.1/se…
[org.craftercms:craftercms] Improper Privilege Management in craftercms
A logged-in and authenticated user with a Reviewer Role may lock a content item.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-23265
https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051601
https://github.com/advisories/GHSA-fj9v…
[github.com/fluxcd/flux2] Improper kubeconfig validation allows arbitrary code execution
Flux2 can reconcile the state of a remote cluster when provided with a kubeconfig with the correct access rights. Kubeconfig files can define commands to be executed to generate on-demand authentication tokens. A malicious user with write access to a F…
[org.apache.tomcat:tomcat] Directory Traversal in Apache Tomcat
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to byp…
[org.simpleframework:simple-xml] SimpleXML vulnerable to XML External Entity (XXE)
SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability resulting in SSRF, information disclosure, DoS and so on.
References
https://nvd.nist.gov/vuln/detail/CVE-2017-1000190
https://github.com/ngallagher/simplexml/issues/18
https://lists….