-
Notifications
You must be signed in to change notification settings - Fork 776
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
164318f
commit 7e65926
Showing
11 changed files
with
148 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2023-1721](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1721) | ||
![](https://img.shields.io/static/v1?label=Product&message=Yoga%20Class%20Registration%20System&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload%20of%20File%20with%20Dangerous%20Type&color=brighgreen) | ||
|
||
### Description | ||
|
||
Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server. This is possible because the application does not correctly validate the thumbnails of the classes uploaded by the administrators. | ||
|
||
### POC | ||
|
||
#### Reference | ||
- https://fluidattacks.com/advisories/blessd/ | ||
|
||
#### Github | ||
No PoCs found on GitHub currently. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2023-1722](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1722) | ||
![](https://img.shields.io/static/v1?label=Product&message=Yoga%20Class%20Registration%20System&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) | ||
|
||
### Description | ||
|
||
Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server. This is possible because the application does not correctly validate the thumbnails of the classes uploaded by the administrators. | ||
|
||
### POC | ||
|
||
#### Reference | ||
- https://fluidattacks.com/advisories/wyckoff/ | ||
|
||
#### Github | ||
No PoCs found on GitHub currently. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2023-2989](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2989) | ||
![](https://img.shields.io/static/v1?label=Product&message=Globalscape%20EFT&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=8.0.0%3C%208.1.0.16%20&color=brighgreen) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%20Out-of-bounds%20Read&color=brighgreen) | ||
|
||
### Description | ||
|
||
Fortra Globalscape EFT versions before 8.1.0.16 suffer from an out of bounds memory read in their administration server, which can allow an attacker to crash the service or bypass authentication if successfully exploited | ||
|
||
### POC | ||
|
||
#### Reference | ||
- https://www.rapid7.com/blog/post/2023/06/22/multiple-vulnerabilities-in-fortra-globalscape-eft-administration-server-fixed/ | ||
|
||
#### Github | ||
No PoCs found on GitHub currently. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2023-2990](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2990) | ||
![](https://img.shields.io/static/v1?label=Product&message=Globalscape%20EFT&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=8.0.0%3C%208.1.0.16%20&color=brighgreen) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-400%20Uncontrolled%20Resource%20Consumption&color=brighgreen) | ||
|
||
### Description | ||
|
||
Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability, where a compressed message that decompresses to itself can cause infinite recursion and crash the service | ||
|
||
### POC | ||
|
||
#### Reference | ||
- https://www.rapid7.com/blog/post/2023/06/22/multiple-vulnerabilities-in-fortra-globalscape-eft-administration-server-fixed/ | ||
|
||
#### Github | ||
No PoCs found on GitHub currently. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2023-2991](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2991) | ||
![](https://img.shields.io/static/v1?label=Product&message=Globalscape%20EFT&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=%3D%208.0.0%20&color=brighgreen) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-200%20Exposure%20of%20Sensitive%20Information%20to%20an%20Unauthorized%20Actor&color=brighgreen) | ||
|
||
### Description | ||
|
||
Fortra Globalscape EFT's administration server suffers from an information disclosure vulnerability where the serial number of the harddrive that Globalscape is installed on can be remotely determined via a "trial extension request" message | ||
|
||
### POC | ||
|
||
#### Reference | ||
- https://www.rapid7.com/blog/post/2023/06/22/multiple-vulnerabilities-in-fortra-globalscape-eft-administration-server-fixed/ | ||
|
||
#### Github | ||
No PoCs found on GitHub currently. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2023-32571](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32571) | ||
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) | ||
|
||
### Description | ||
|
||
Dynamic Linq 1.0.7.10 through 1.2.25 before 1.3.0 allows attackers to execute arbitrary code and commands when untrusted input to methods including Where, Select, OrderBy is parsed. | ||
|
||
### POC | ||
|
||
#### Reference | ||
- https://research.nccgroup.com/2023/06/13/dynamic-linq-injection-remote-code-execution-vulnerability-cve-2023-32571/ | ||
|
||
#### Github | ||
No PoCs found on GitHub currently. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2023-3393](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3393) | ||
![](https://img.shields.io/static/v1?label=Product&message=fossbilling%2Ffossbilling&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%200.5.1%20&color=brighgreen) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-94%20Improper%20Control%20of%20Generation%20of%20Code&color=brighgreen) | ||
|
||
### Description | ||
|
||
Code Injection in GitHub repository fossbilling/fossbilling prior to 0.5.1. | ||
|
||
### POC | ||
|
||
#### Reference | ||
- https://huntr.dev/bounties/e4df9280-900a-407a-a07e-e7fef3345914 | ||
|
||
#### Github | ||
No PoCs found on GitHub currently. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
### [CVE-2023-3394](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3394) | ||
![](https://img.shields.io/static/v1?label=Product&message=fossbilling%2Ffossbilling&color=blue) | ||
![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%200.5.1%20&color=brighgreen) | ||
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-384%20Session%20Fixation&color=brighgreen) | ||
|
||
### Description | ||
|
||
Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1. | ||
|
||
### POC | ||
|
||
#### Reference | ||
- https://huntr.dev/bounties/84bf3e85-cdeb-4b8d-9ea4-74156dbda83f | ||
|
||
#### Github | ||
No PoCs found on GitHub currently. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters