CVE-2022-3400
The Bricks theme for WordPress is vulnerable to authorization bypass due to a missing capability check on the bricks_save_post AJAX action in versions 1.0 to 1.5.3. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to edit any page, post, or template on the vulnerable WordPress website.
Source: CVE-2022-3400
CVE-2022-39366
DataHub is an open-source metadata platform. Prior to version 0.8.45, the `StatelessTokenService` of the DataHub metadata service (GMS) does not verify the signature of JWT tokens. This allows an attacker to connect to DataHub instances as any user if Metadata Service authentication is enabled. This vulnerability occurs because the `StatelessTokenService` of the Metadata service uses the `parse` method of `io.jsonwebtoken.JwtParser`, which does not perform a verification of the cryptographic token signature. This means that JWTs are accepted regardless of the used algorithm. This issue may lead to an authentication bypass. Version 0.8.45 contains a patch for the issue. There are no known workarounds.
Source: CVE-2022-39366
CVE-2022-2864
The demon image annotation plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.7. This is due to missing nonce validation in the ~/includes/settings.php file. This makes it possible for unauthenticated attackers to modify the plugin’s settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Source: CVE-2022-2864
CVE-2022-39367
QTIWorks is a software suite for standards-based assessment delivery. Prior to version 1.0-beta15, the QTIWorks Engine allows users to upload QTI content packages as ZIP files. The ZIP handling code does not sufficiently check the paths of files contained within ZIP files, so can insert files into other locations in the filesystem if they are writable by the process running the QTIWorks Engine. In extreme cases, this could allow anonymous users to change files in arbitrary locations in the filesystem. In normal QTIWorks Engine deployments, the impact is somewhat reduced because the default QTIWorks configuration does not enable the public demo functionality, so ZIP files can only be uploaded by users with "instructor" privileges. This vulnerability is fixed in version 1.0-beta15. There are no database configuration changes required when upgrading to this version. No known workarounds for this issue exist.
Source: CVE-2022-39367
CVE-2022-37426
Unrestricted Upload of File with Dangerous Type vulnerability in OpenNebula OpenNebula core on Linux allows File Content Injection.
Source: CVE-2022-37426
CVE-2022-37425
Improper Neutralization of Special Elements used in a Command (‘Command Injection’) vulnerability in OpenNebula OpenNebula core on Linux allows Remote Code Inclusion.
Source: CVE-2022-37425
CVE-2022-3697
A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs.
Source: CVE-2022-3697
CVE-2022-37424
Files or Directories Accessible to External Parties vulnerability in OpenNebula on Linux allows File Discovery.
Source: CVE-2022-37424
CVE-2021-38730
SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Info.php.
Source: CVE-2021-38730
CVE-2021-38731
SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Zekou.php.
Source: CVE-2021-38731