» 2020 » 2월

CVE-2019-20059

Posted on 2020년 2월 10일2020년 2월 11일 by admin

CVE-2019-20059

payment_manage.ajax.php and various *_manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.4 directly insert values from the sSortDir_0 parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically extracting data from the database, aka SQL Injection. NOTE: this issue exists because of an incomplete fix for CVE-2019-19732.

Source: CVE-2019-20059

CVE-2019-20060

Posted on 2020년 2월 10일2020년 2월 11일 by admin

CVE-2019-20060

MFScripts YetiShare v3.5.2 through v4.5.4 places sensitive information in the Referer header. If this leaks, then third parties may discover password-reset hashes, file-delete links, or other sensitive information.

Source: CVE-2019-20060

CVE-2019-20061

Posted on 2020년 2월 10일2020년 2월 11일 by admin

CVE-2019-20061

The user-introduction email in MFScripts YetiShare v3.5.2 through v4.5.4 may leak the (system-picked) password if this email is sent in cleartext. In other words, the user is not allowed to choose their own initial password.

Source: CVE-2019-20061

CVE-2020-8825

Posted on 2020년 2월 10일2020년 2월 10일 by admin

CVE-2020-8825

index.php?p=/dashboard/settings/branding in Vanilla 2.6.3 allows stored XSS.

Source: CVE-2020-8825

CVE-2020-7060

Posted on 2020년 2월 10일2020년 2월 10일 by admin

CVE-2020-7060

When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.

Source: CVE-2020-7060

CVE-2020-7059

Posted on 2020년 2월 10일2020년 2월 10일 by admin

CVE-2020-7059

When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.

Source: CVE-2020-7059

CVE-2020-8823

Posted on 2020년 2월 10일2020년 2월 10일 by admin

CVE-2020-8823

htmlfile in lib/transport/htmlfile.js in SockJS before 3.0 is vulnerable to Reflected XSS via the /htmlfile c (aka callback) parameter.

Source: CVE-2020-8823

CVE-2020-8822

Posted on 2020년 2월 10일2020년 2월 10일 by admin

CVE-2020-8822

Digi TransPort WR21 5.2.2.3, WR44 5.1.6.4, and WR44v2 5.1.6.9 devices allow stored XSS in the web application.

Source: CVE-2020-8822

CVE-2017-18641

Posted on 2020년 2월 10일2020년 2월 10일 by admin

CVE-2017-18641

In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to bootstrap containers.

Source: CVE-2017-18641

CVE-2015-5741

Posted on 2020년 2월 9일2020년 2월 9일 by admin

CVE-2015-5741

The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request that contains Content-Length and Transfer-Encoding header fields.

Source: CVE-2015-5741