Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2016-11068

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-19 Jun, 2020 | 19:24
Updated At-06 Aug, 2024 | 03:47
Rejected At-
Credits

An issue was discovered in Mattermost Server before 3.2.0. Attackers could read LDAP fields via injection.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:19 Jun, 2020 | 19:24
Updated At:06 Aug, 2024 | 03:47
Rejected At:
▼CVE Numbering Authority (CNA)

An issue was discovered in Mattermost Server before 3.2.0. Attackers could read LDAP fields via injection.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://mattermost.com/security-updates/
x_refsource_CONFIRM
Hyperlink: https://mattermost.com/security-updates/
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://mattermost.com/security-updates/
x_refsource_CONFIRM
x_transferred
Hyperlink: https://mattermost.com/security-updates/
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:19 Jun, 2020 | 20:15
Updated At:24 Jun, 2020 | 18:53

An issue was discovered in Mattermost Server before 3.2.0. Attackers could read LDAP fields via injection.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Type: Primary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N
CPE Matches
Mattermost, Inc.
mattermost
>>mattermost_server>>Versions before 3.2.0(exclusive)
cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-74Primarynvd@nist.gov
CWE ID: CWE-74
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://mattermost.com/security-updates/cve@mitre.org
Vendor Advisory
Hyperlink: https://mattermost.com/security-updates/
Source: cve@mitre.org
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

72Records found
CVE-2017-18923
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.39% / 59.37%
||
7 Day CHG~0.00%
Published-29 Jul, 2020 | 19:47
Updated-05 Aug, 2024 | 21:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

beroNet VoIP Gateways before 3.0.16 have a PHP script that allows downloading arbitrary files, including ones with credentials.

Action-Not Available
Vendor-beronetn/a
Product-bf16001t1boxbfsb4xo4xsbfsb2hybfsb4xsbf64002t1boxbfsb4xobfsb2s02xovoice_over_internet_protocol_gateways_firmwarebf16001e1boxbf64002e1boxbfsb1s0bn16fxsfax_cbn16fxsfax_bbfsb2s0bf4001t1boxbf4001e1boxn/a
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2020-12965
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.5||HIGH
EPSS-0.81% / 73.32%
||
7 Day CHG+0.19%
Published-04 Feb, 2022 | 22:29
Updated-16 Sep, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits potentially resulting in data leakage.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-athlon_3150geathlon_gold_pro_3150ge_firmwareathlon_pro_200ge_firmwareryzen_5600x_firmwareryzen_5800x_firmwareryzen_threadripper_1920x_firmwareathlon_3150g_firmwareryzen_pro_4350ge_firmwareryzen_threadripper_2950x_firmwareryzen_5600gathlon_silver_pro_3125ge_firmwareryzen_pro_3200g_firmwareathlon_3050geryzen_5600geryzen_threadripper_1900xathlon_pro_300geryzen_pro_3400g_firmwareryzen_pro_3900ryzen_pro_3700_firmwareryzen_threadripper_2970wxryzen_5600ge_firmwareryzen_pro_5750geathlon_gold_pro_3150gryzen_pro_5650geryzen_threadripper_2920x_firmwareryzen_5600g_firmwareryzen_pro_3600_firmwareathlon_silver_pro_3125geryzen_pro_2400geryzen_pro_4650gryzen_threadripper_3960x_firmwareryzen_pro_5750ge_firmwareryzen_threadripper_3960xryzen_threadripper_2950xryzen_pro_3400ge_firmwareryzen_pro_4750ge_firmwareryzen_threadripper_pro_3975wxryzen_threadripper_1950xryzen_threadripper_pro_3945wx_firmwareryzen_threadripper_1950x_firmwareryzen_5900xryzen_5300ge_firmwareryzen_pro_5650g_firmwareathlon_pro_300ge_firmwareryzen_pro_3350gryzen_4700geryzen_5700gryzen_4600g_firmwareryzen_threadripper_2970wx_firmwareryzen_5800xryzen_pro_2200geryzen_threadripper_1900x_firmwareryzen_pro_5350ge_firmwareryzen_5700ge_firmwareryzen_threadripper_pro_3995wxryzen_4300ge_firmwareryzen_pro_3200geryzen_5300g_firmwareryzen_pro_3200ge_firmwareryzen_4700gryzen_pro_5350geryzen_pro_2400g_firmwareryzen_4300g_firmwareryzen_threadripper_2920xryzen_pro_3350g_firmwareryzen_threadripper_pro_3955wxryzen_pro_4650geryzen_pro_4350gryzen_pro_5750g_firmwareryzen_pro_2400gryzen_4600gryzen_5950x_firmwareryzen_pro_4650g_firmwareathlon_3050ge_firmwareryzen_pro_5350gryzen_threadripper_pro_3955wx_firmwareryzen_4300geryzen_5600xryzen_pro_4750geryzen_5300geryzen_threadripper_1920xryzen_pro_4750g_firmwareryzen_threadripper_pro_3995wx_firmwareryzen_4600geryzen_4700ge_firmwareathlon_gold_pro_3150geryzen_4700g_firmwareryzen_pro_4350geryzen_5950xryzen_pro_5650gryzen_pro_2200g_firmwareathlon_3150gryzen_pro_4350g_firmwareryzen_pro_3900_firmwareryzen_pro_3200gryzen_threadripper_3990x_firmwareathlon_gold_pro_3150g_firmwareryzen_pro_3700ryzen_5800x3dryzen_5700g_firmwareathlon_pro_200geryzen_5900x_firmwareryzen_pro_2200ge_firmwareryzen_pro_5650ge_firmwareryzen_4300gryzen_5700geryzen_5300gryzen_threadripper_3990xryzen_pro_3400geryzen_threadripper_2990wxryzen_5800x3d_firmwareryzen_threadripper_3970xryzen_pro_3600ryzen_pro_4750gathlon_3150ge_firmwareryzen_pro_2200gryzen_pro_3400gryzen_4600ge_firmwareryzen_pro_2400ge_firmwareryzen_threadripper_pro_3945wxryzen_threadripper_3970x_firmwareryzen_threadripper_pro_3975wx_firmwareryzen_pro_5750gryzen_pro_4650ge_firmwareryzen_pro_5350g_firmwareryzen_threadripper_2990wx_firmwareAll supported processors
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2020-12790
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.46% / 63.10%
||
7 Day CHG~0.00%
Published-11 May, 2020 | 18:08
Updated-04 Aug, 2024 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the SEOmatic plugin before 3.2.49 for Craft CMS, helpers/DynamicMeta.php does not properly sanitize the URL. This leads to Server-Side Template Injection and credentials disclosure via a crafted Twig template after a semicolon.

Action-Not Available
Vendor-nystudio107n/a
Product-seomaticn/a
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2020-11994
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-1.55% / 80.68%
||
7 Day CHG~0.00%
Published-08 Jul, 2020 | 15:13
Updated-04 Aug, 2024 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Server-Side Template Injection and arbitrary file disclosure on Camel templating components

Action-Not Available
Vendor-n/aThe Apache Software FoundationOracle Corporation
Product-communications_diameter_signaling_routercamelenterprise_manager_base_platformenterprise_repositoryApache Camel
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2020-23148
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.20% / 41.88%
||
7 Day CHG~0.00%
Published-09 Aug, 2021 | 22:54
Updated-04 Aug, 2024 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The userLogin parameter in ldap/login.php of rConfig 3.9.5 is unsanitized, allowing attackers to perform a LDAP injection and obtain sensitive information via a crafted POST request.

Action-Not Available
Vendor-rconfign/a
Product-rconfign/a
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2019-19614
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.39% / 59.37%
||
7 Day CHG~0.00%
Published-09 Mar, 2020 | 18:51
Updated-05 Aug, 2024 | 02:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Halvotec RAQuest 10.23.10801.0. The login page is vulnerable to wildcard injection, allowing an attacker to enumerate the list of users sharing an identical password. Fixed in Release 10.24.11206.1.

Action-Not Available
Vendor-halvotecn/a
Product-raquestn/a
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2019-16468
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-4.25% / 88.35%
||
7 Day CHG~0.00%
Published-15 Jan, 2020 | 16:15
Updated-05 Aug, 2024 | 01:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an user interface injection vulnerability. Successful exploitation could lead to sensitive information disclosure.

Action-Not Available
Vendor-Adobe Inc.
Product-experience_managerAdobe Experience Manager
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2019-13915
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.33% / 55.59%
||
7 Day CHG~0.00%
Published-18 Jul, 2019 | 14:24
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. An unzip operation leads to read access, and write access (depending on file permissions), to the symlink target. Third, the attacker can import a Git repository that contains a symlink, similarly leading to read and write access.

Action-Not Available
Vendor-b3logn/a
Product-widen/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2021-3154
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.91% / 85.85%
||
7 Day CHG~0.00%
Published-04 May, 2021 | 13:02
Updated-03 Aug, 2024 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in SolarWinds Serv-U before 15.2.2. Unauthenticated attackers can retrieve cleartext passwords via macro Injection. NOTE: this had a distinct fix relative to CVE-2020-35481.

Action-Not Available
Vendor-n/aSolarWinds Worldwide, LLC.
Product-serv-un/a
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2021-31402
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.35% / 56.95%
||
7 Day CHG~0.00%
Published-15 Apr, 2021 | 18:18
Updated-03 Aug, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dio package 4.0.0 for Dart allows CRLF injection if the attacker controls the HTTP method string, a different vulnerability than CVE-2020-35669.

Action-Not Available
Vendor-flutterchinan/a
Product-dion/a
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2021-29156
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-92.18% / 99.70%
||
7 Day CHG~0.00%
Published-25 Mar, 2021 | 08:20
Updated-03 Aug, 2024 | 22:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ForgeRock OpenAM before 13.5.1 allows LDAP injection via the Webfinger protocol. For example, an unauthenticated attacker can perform character-by-character retrieval of password hashes, or retrieve a session token or a private key.

Action-Not Available
Vendor-n/aForgeRock, Inc.
Product-openamn/a
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2021-29085
Matching Score-4
Assigner-Synology Inc.
ShareView Details
Matching Score-4
Assigner-Synology Inc.
CVSS Score-8.6||HIGH
EPSS-0.28% / 51.37%
||
7 Day CHG~0.00%
Published-23 Jun, 2021 | 09:55
Updated-14 Jan, 2025 | 19:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in file sharing management component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to read arbitrary files via unspecified vectors.

Action-Not Available
Vendor-Synology, Inc.
Product-diskstation_managerdiskstation_manager_unified_controllerDiskStation Manager (DSM)
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2021-29084
Matching Score-4
Assigner-Synology Inc.
ShareView Details
Matching Score-4
Assigner-Synology Inc.
CVSS Score-7.5||HIGH
EPSS-0.31% / 53.39%
||
7 Day CHG~0.00%
Published-23 Jun, 2021 | 09:55
Updated-14 Jan, 2025 | 19:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in Security Advisor report management component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to read arbitrary files via unspecified vectors.

Action-Not Available
Vendor-Synology, Inc.
Product-diskstation_managerdiskstation_manager_unified_controllerDiskStation Manager (DSM)
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2019-11718
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.73% / 71.81%
||
7 Day CHG~0.00%
Published-23 Jul, 2019 | 13:17
Updated-04 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Activity Stream can display content from sent from the Snippet Service website. This content is written to innerHTML on the Activity Stream page without sanitization, allowing for a potential access to other information available to the Activity Stream, such as browsing history, if the Snipper Service were compromised. This vulnerability affects Firefox < 68.

Action-Not Available
Vendor-openSUSEMozilla Corporation
Product-firefoxleapFirefox
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2021-26069
Matching Score-4
Assigner-Atlassian
ShareView Details
Matching Score-4
Assigner-Atlassian
CVSS Score-5.3||MEDIUM
EPSS-2.46% / 84.64%
||
7 Day CHG~0.00%
Published-22 Mar, 2021 | 04:50
Updated-17 Sep, 2024 | 02:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to download temporary files and enumerate project keys via an Information Disclosure vulnerability in the /rest/api/1.0/issues/{id}/ActionsAndOperations API endpoint. The affected versions are before version 8.5.11, from version 8.6.0 before 8.13.3, and from version 8.14.0 before 8.15.0.

Action-Not Available
Vendor-Atlassian
Product-data_centerjira_serverjira_data_centerjiraJira ServerJira Data Center
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2021-24948
Matching Score-4
Assigner-WPScan
ShareView Details
Matching Score-4
Assigner-WPScan
CVSS Score-7.5||HIGH
EPSS-2.73% / 85.38%
||
7 Day CHG~0.00%
Published-10 Jan, 2022 | 15:30
Updated-03 Aug, 2024 | 19:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
The Plus Addons for Elementor Pro < 5.0.7 - Sensitive Data Disclosure

The Plus Addons for Elementor - Pro WordPress plugin before 5.0.7 does not validate the qvquery parameter of the tp_get_dl_post_info_ajax AJAX action, which could allow unauthenticated users to retrieve sensitive information, such as private and draft posts

Action-Not Available
Vendor-posimythUnknown
Product-the_plus_addons_for_elementorThe Plus Addons for Elementor - Pro
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2021-23335
Matching Score-4
Assigner-Snyk
ShareView Details
Matching Score-4
Assigner-Snyk
CVSS Score-7.5||HIGH
EPSS-0.25% / 48.06%
||
7 Day CHG~0.00%
Published-11 Feb, 2021 | 11:25
Updated-16 Sep, 2024 | 20:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
LDAP Injection

All versions of package is-user-valid are vulnerable to LDAP Injection which can lead to either authentication bypass or information exposure.

Action-Not Available
Vendor-is-user-valid_projectn/a
Product-is-user-validis-user-valid
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2024-45612
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.23% / 45.52%
||
7 Day CHG~0.00%
Published-17 Sep, 2024 | 18:29
Updated-23 Sep, 2024 | 19:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insert tag injection via canonical URL in Contao

Contao is an Open Source CMS. In affected versions an untrusted user can inject insert tags into the canonical tag, which are then replaced on the web page (front end). Users are advised to update to Contao 4.13.49, 5.3.15 or 5.4.3. Users unable to upgrade should disable canonical tags in the root page settings.

Action-Not Available
Vendor-Contao Association
Product-contaocontaocontao
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2024-28192
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.14% / 35.31%
||
7 Day CHG~0.00%
Published-13 Mar, 2024 | 20:15
Updated-24 Jan, 2025 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NoSQL Injection Leading to Authentication Bypass in your_spotify

your_spotify is an open source, self hosted Spotify tracking dashboard. YourSpotify version <1.8.0 is vulnerable to NoSQL injection in the public access token processing logic. Attackers can fully bypass the public token authentication mechanism, regardless if a public token has been generated before or not, without any user interaction or prerequisite knowledge. This vulnerability allows an attacker to fully bypass the public token authentication mechanism, regardless if a public token has been generated before or not, without any user interaction or prerequisite knowledge. This issue has been addressed in version 1.8.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Action-Not Available
Vendor-yooooomiYooooomiyooooomi
Product-your_spotifyyour_spotifyyour_spotify
CWE ID-CWE-943
Improper Neutralization of Special Elements in Data Query Logic
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2021-33668
Matching Score-4
Assigner-SAP SE
ShareView Details
Matching Score-4
Assigner-SAP SE
CVSS Score-5.3||MEDIUM
EPSS-1.75% / 81.82%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 12:02
Updated-03 Aug, 2024 | 23:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Due to improper input sanitization, specially crafted LDAP queries can be injected by an unauthenticated user. This could partially impact the confidentiality of the application.

Action-Not Available
Vendor-SAP SE
Product-infraboxSAP InfraBox
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2024-45312
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.30% / 53.01%
||
7 Day CHG~0.00%
Published-02 Sep, 2024 | 16:50
Updated-25 Sep, 2024 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arbitrary language parameter can passed to `aspell` executable via spelling requests in overleaf

Overleaf is a web-based collaborative LaTeX editor. Overleaf Community Edition and Server Pro prior to version 5.0.7 (or 4.2.7 for the 4.x series) contain a vulnerability that allows an arbitrary language parameter in client spelling requests to be passed to the `aspell` executable running on the server. This causes `aspell` to attempt to load a dictionary file with an arbitrary filename. File access is limited to the scope of the overleaf server. The problem is patched in versions 5.0.7 and 4.2.7. Previous versions can be upgraded using the Overleaf toolkit `bin/upgrade` command. Users unable to upgrade may block POST requests to `/spelling/check` via a Web Application Firewall will prevent access to the vulnerable spell check feature. However, upgrading is advised.

Action-Not Available
Vendor-overleafoverleafoverleaf
Product-overleafoverleafoverleaf
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-641
Improper Restriction of Names for Files and Other Resources
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2020-9376
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-92.49% / 99.73%
||
7 Day CHG~0.00%
Published-09 Jul, 2020 | 12:08
Updated-04 Aug, 2024 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

D-Link DIR-610 devices allow Information Disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1 to getcfg.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dir-610dir-610_firmwaren/a
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
  • Previous
  • 1
  • 2
  • Next
Details not found