Security News

[CVE-2019-9083] Blind SQL injection in SQLiteManager 1.2.0 (and 1.2.4)

Full Disclosure - 26 February, 2019 - 15:31

Posted by Rafael Pedrero on Feb 26

<!--
# Exploit Title: Blind SQL injection in SQLiteManager 1.2.0 (and 1.2.4)
# Date: 17-02-2019
# Exploit Author: Rafael Pedrero
# Vendor Homepage: http://www.sqlitemanager.org/
# Software Link: http://www.sqlitemanager.org/
# Version: SQLiteManager 1.2.0 (and 1.2.4)
# Tested on: All
# CVE : CVE-2019-9083
# Category: webapps

1. Description

SQLiteManager 1.2.0 (and 1.2.4) allows SQL injection via the
/sqlitemanager/main.php dbsel parameter....

CVE-2019-1000032: Memory corruption / DoS in nanosvg

Full Disclosure - 26 February, 2019 - 15:00

Posted by Sebastian Neef on Feb 26

The SVG library nanosvg [0] suffers from a memory corruption bug that can lead to at least DoS.

The bug exists in the `nsvg__parseColorRGB` function, which can be reached by parsing a malicious SVG file through
`nsvgParseFromFile` or `nsvgParse`. This should also affect libraries/packages that provide bindings to nanosvg, for
example:

- Lua: https://github.com/iongion/lunavg
- Python: https://github.com/ethanhs/pynanosvg
- Java:...

[slackware-security] file (SSA:2019-054-01)

Bug Traq - 24 February, 2019 - 23:47

Posted by Slackware Security Team on Feb 24

[slackware-security] file (SSA:2019-054-01)

New file packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/file-5.36-i586-1_slack14.2.txz: Upgraded.
Fix out-of-bounds read and denial-of-service security issues:
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8906...

[SECURITY] [DSA 4377-3] rssh security update

Bug Traq - 24 February, 2019 - 23:43

Posted by Moritz Muehlenhoff on Feb 24

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4377-3 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
February 22, 2019 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : rssh
CVE ID : CVE-2019-1000018
Debian Bug :...

CVE-2019-8939: XSS in Tautulli

Full Disclosure - 22 February, 2019 - 13:20

Posted by Geeknik Labs via Fulldisclosure on Feb 22

Tautulli (https://tautulli.com/) is a Python based monitoring and tracking tool for Plex Media Server.

We discovered that an authenticated Plex Media Server user could change their Plex username to include JavaScript and
Tautulli would fail to sanitize the username so that when the Plex Media Server administrator viewed certain pages
generated by Tautulli, the JavaScript would be executed in the context of the server administrator.

This was...

Vuln: Rockwell Automation Allen-Bradley PowerMonitor Multiple Security Vulnerabilities

Security Focus Vulnerabilities - 22 February, 2019 - 00:00
Rockwell Automation Allen-Bradley PowerMonitor Multiple Security Vulnerabilities

Kanboard 1.2.7 Multiple Vulnerabilities

Full Disclosure - 21 February, 2019 - 03:57

Posted by Will Boucher via Fulldisclosure on Feb 21

Kanboard 1.2.7 Multiple Vulnerabilities

Kanboard 1.2.7 contains multiple vulnerabilities. The vulnerabilities include CSV account import cross site request
forgery which allows an unauthenticated attacker to create a new administrative user. Cross site request forgery 2FA
deactivation, allowing an unauthenticated attacker to disable an account's 2FA configuration. A lack of integrity
checking or transport layer encryption enforced on...

Multiple issues in Teracue ENC-400 including pre-authenticated remote code execution

Full Disclosure - 21 February, 2019 - 03:56

Posted by Stephen Shkardoon on Feb 21

Introduction
============

Multiple vulnerabilities were identified within the Teracue ENC-400,
including pre-authenticated remote code authentication. While the vendor
has released updated firmware after these issues were identified, they are
not all resolved with the latest version of the firmware.

Product
=======

The Teracue ENC-400 is accessible over an HTTP interface, which allows
device configuration (including setting passwords or video...

[CVE-2019-8938] Cross Site Scripting in VertrigoServ 2.17

Full Disclosure - 21 February, 2019 - 03:56

Posted by Rafael Pedrero on Feb 21

<!--
# Exploit Title: Cross Site Scripting in VertrigoServ 2.17
# Date: 17-02-2019
# Exploit Author: Rafael Pedrero
# Vendor Homepage: http://vertrigo.sf.net
# Software Link: http://vertrigo.sf.net
# Version: VertrigoServ 2.17
# Tested on: All
# CVE : CVE-2019-8938
# Category: webapps

1. Description

VertrigoServ 2.17 allows XSS via the /inc/extensions.php ext parameter.
NOTE: This product is discontinued.

2. Proof of Concept...

[CVE-2018-18845] Cross Site Scripting in Advanced comment system v1.0

Full Disclosure - 21 February, 2019 - 03:56

Posted by Rafael Pedrero on Feb 21

I thought I had reported it but not, better late than never.

<!--
# Exploit Title: Cross Site Scripting in Advanced comment system v1.0
# Date: 29-10-2018
# Exploit Author: Rafael Pedrero
# Vendor Homepage: http://www.plohni.com
# Software Link:
http://www.plohni.com/wb/content/php/download/Advanced_comment_system_1-0.zip,
https://web.archive.org/web/20120214173003/http://www.plohni.com/wb/content/php/download/Advanced_comment_system_1-0.zip...

[CVE-2019-8925 to CVE-2019-8929] Path traversal and Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone

Full Disclosure - 21 February, 2019 - 03:56

Posted by Rafael Pedrero on Feb 21

<!--
# Exploit Title: Path traversal vulnerability in Netflow Analyzer
Professional v7.0.0.2 Administration zone
# Date: 17-02-2019
# Exploit Author: Rafael Pedrero
# Vendor Homepage: https://www.manageengine.com/products/netflow/?doc
# Software Link: https://www.manageengine.com/products/netflow/?doc
# Version: Netflow Analyzer Professional v7.0.0.2 Administration zone
# Tested on: all
# CVE : CVE-2019-8925
# Category: webapps

1. Description...

[CVE-2019-8923, CVE-2019-8924] SQL injection and persistent Cross Site Scripting in XAMPP 5.6.8 (and previous)

Full Disclosure - 21 February, 2019 - 03:56

Posted by Rafael Pedrero on Feb 21

<!--
# Exploit Title: SQL injection in XAMPP 5.6.8 (and previous)
# Date: 17-02-2019
# Exploit Author: Rafael Pedrero
# Vendor Homepage:
https://sourceforge.net/projects/xampp/files/XAMPP%20Windows/5.6.8/
# Software Link:
https://sourceforge.net/projects/xampp/files/XAMPP%20Windows/5.6.8/
# Version: XAMPP 5.6.8
# Tested on: All
# CVE : CVE-2019-8923
# Category: webapps

1. Description

XAMPP through 5.6.8 allows SQL injection via the...

CA20190212-01: Security Notice for CA Privileged Access Manager

Full Disclosure - 21 February, 2019 - 03:54

Posted by Kevin Kotas via Fulldisclosure on Feb 21

CA20190212-01: Security Notice for CA Privileged Access Manager

Issued: February 12, 2019
Last Updated: February 12, 2019

CA Technologies Support is alerting customers to a potential risk
with CA Privileged Access Manager. A vulnerability exists that can
allow a remote attacker to access sensitive information or modify
configuration. CA published solutions to address the vulnerabilities.

CVE-2019-7392 describes a vulnerability resulting from...

Re: Reflected Cross-site Scripting Vulnerability in Collabtive 3.1

Full Disclosure - 21 February, 2019 - 03:53

Posted by Henri Salo on Feb 21

CVE-2019-8935 has been assigned for this vulnerability.

Multiple Cross-Site Scripting Vulnerabilities in HTMLy 2.7.4

Full Disclosure - 21 February, 2019 - 03:53

Posted by Daniel Bishtawi on Feb 21

Hello,

We are glad to inform you about the vulnerabilities we reported in HTMLy
2.7.4.

Here are the details:

Advisory by Netsparker
Name: Cross-Site Scripting Vulnerabilities in HTMLy 2.7.4
Affected Software: HTMLy
Affected Versions: 2.7.4
Homepage: https://github.com/danpros/htmly
Vulnerability: Cross-Site Scripting
Severity: High
Status: Not Fixed
CVE-ID: CVE-2019-8349
CVSS Score (3.0): CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Netsparker...

Open Redirection Vulnerability in GetSimpleCMS 3.3.13

Full Disclosure - 21 February, 2019 - 03:53

Posted by Daniel Bishtawi on Feb 21

Hello,

We are glad to inform you about the vulnerabilities we reported in
GetSimpleCMS 3.3.13.

Here are the details:

Advisory by Netsparker
Name: Open Redirection Vulnerability in GetSimpleCMS
Affected Software: GetSimpleCMS
Affected Versions: 3.3.13
Homepage: http://get-simple.info/
Vulnerability: Open Redirection
Severity: Medium
Status: Not Fixed
CVSS Score (3.0): AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Netsparker Advisory Reference: NS-18-056...

[SAUTH-2019-0001] - Micro Focus Filr Multiple Vulnerabilities

Full Disclosure - 21 February, 2019 - 03:52

Posted by advisories on Feb 21

SecureAuth - SecureAuth Labs Advisory
http://www.secureauth.com/

Micro Focus Filr Multiple Vulnerabilities

1. *Advisory Information*

Title: Micro Focus Filr Multiple Vulnerabilities
Advisory ID: SAUTH-2019-0001
Advisory URL:
https://www.secureauth.com/labs/advisories/micro-focus-filr-multiple-vulnerabilities
Date published: 2019-02-20
Date of last update: 2019-02-20
Vendors contacted: Micro Focus
Release mode: Coordinated release

2....

[SRP-2018-02] Details of a vulnerability in STMicroelectronics' chipset

Bug Traq - 21 February, 2019 - 00:27

Posted by Adam Gowdiak on Feb 20

Hello All,

Technical details of ST chipset vulnerability has been released
and are now included in our technical report pertaining to the
security of NC+ SAT TV platform.

As indicated last week, the release is made as a direct result
of no interest in this research.

Updated version of the report, associated Proof of Concept codes
and tools can be downloaded from SRP-2018-02 project location:...

Vuln: Cisco Webex Meetings Online CVE-2019-1680 Security Bypass Vulnerability

Security Focus Vulnerabilities - 21 February, 2019 - 00:00
Cisco Webex Meetings Online CVE-2019-1680 Security Bypass Vulnerability

Vuln: Opencontainers runc CVE-2019-5736 Local Command Execution Vulnerability

Security Focus Vulnerabilities - 21 February, 2019 - 00:00
Opencontainers runc CVE-2019-5736 Local Command Execution Vulnerability
Syndicate content