Tag
#php
This Metasploit module exploits an unauthenticated account takeover vulnerability in LiteSpeed Cache, a WordPress plugin that currently has around 6 million active installations. In LiteSpeed Cache versions prior to 6.5.0.1, when the Debug Logging feature is enabled, the plugin will log admin cookies to the /wp-content/debug.log endpoint which is accessible without authentication. The Debug Logging feature in the plugin is not enabled by default. The admin cookies found in the debug.log can be used to upload and execute a malicious plugin containing a payload.
Dockwatch is a container management web UI for Docker. It runs by default without authentication, although guidance is available for how to set up credentials for access. It has a Commands feature that allows a user to run docker commands such as inspect, network, ps. Prior to the fix, it did not restrict input for parameters, so both container and parameters for the dockerInspect command were vulnerable to shell command injection on the container as the abc user with (limited) command output. See commits 23df366 and c091e4c for fixes.
The czim/file-handling package before 1.5.0 and 2.x before 2.3.0 (used with PHP Composer) does not properly validate URLs within makeFromUrl and makeFromAny, leading to SSRF, and to directory traversal for the reading of local files.
### Impact

Back end users with access to the file manager can upload malicious files and execute them on the server.

### Patches

Update to Contao 4.13.49, 5.3.15 or 5.4.3.

### Workarounds

Configure your web server so it does not execute PHP files and other scripts in the Contao file upload directory.

### References

https://contao.org/en/security-advisories/remote-command-execution-through-file-uploads

### For more information

If you have any questions or comments about this advisory, open an issue in [contao/contao](https://github.com/contao/contao/issues/new/choose).

### Credits

Thanks to Jakob Steeg from usd AG for reporting this vulnerability.
Ship Ferry Ticket Reservation System version 1.0 suffers from multiple remote SQL injection vulnerabilities.
Reservation Management System version 1.0 suffers from a cross-site request forgery vulnerability.
Online Job Recruitment Portal Project version 1.0 suffers from an arbitrary file upload vulnerability.
IFSC Code Finder Portal version 1.0 suffers from an ignored default credential vulnerability.
GYM Management System version 1.0 suffers from an ignored default credential vulnerability.
Emergency Ambulance Hiring Portal version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.