An attacker with authenticated access to VICIdial version 2.14-917a as an agent can execute arbitrary shell commands as the root user. This attack can be chained with CVE-2024-8503 to execute arbitrary shell commands starting from an unauthenticated perspective.
6b4666c70098b4747658896c605a4f2b8c41c41c51144da20cf5be37e90a20b0
An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial version 2.14-917a to extract database records. By default, VICIdial stores plaintext credentials in the database, so the injection yields working logins rather than hashes.
4fe5d734ae07a38eb7770811089de30239da19ca25794be8de02bb80d866aa1f
The soap_cgi.pyc API handler in Journyx version 11.5.4 allows the XML body of SOAP requests to reference external entities (XXE). An unauthenticated attacker can use this to read local files, perform server-side request forgery, and exhaust web server resources.
d02349f8de0a00286e575cc45dab4471af755c8a75e014e67fe77d724cd9c5fa
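The three outcomes listed above (file read, SSRF, resource exhaustion) all follow from one root cause: the parser honours a DOCTYPE supplied by the client. The added example below is illustrative Python, not the Journyx soap_cgi code; the SOAP element names, the "password" field it extracts and the secret file it leaks are constructed. It contrasts a handler that dereferences external entities with one that refuses any DOCTYPE, which shuts out external entities, parameter-entity fetches and internal-entity expansion bombs in one step.

```python
import os
import tempfile
import urllib.request
import xml.parsers.expat


class UnsafeXML(ValueError):
    """Raised by the hardened parser when a request carries a DOCTYPE."""


def _parse(data: bytes, *, resolve_external: bool) -> str:
    """Parse a SOAP-style body and return the text inside <password>.

    resolve_external=True mimics the XXE-prone behaviour: external entities
    named in the DTD are fetched and their content becomes element text.
    resolve_external=False is the hardened variant: any DOCTYPE is rejected
    before a single entity can be declared.
    """
    parser = xml.parsers.expat.ParserCreate()
    chunks = []
    inside = [False]          # are we inside <password>?

    def start(name, attrs):
        inside[0] = (name == "password")

    def end(name):
        inside[0] = False

    def chars(text):
        if inside[0]:
            chunks.append(text)

    parser.StartElementHandler = start
    parser.EndElementHandler = end
    parser.CharacterDataHandler = chars

    if resolve_external:
        def fetch_entity(context, base, system_id, public_id):
            # Vulnerable: open whatever URI the DTD names (file://, http://)
            # and parse it as an external entity, so its bytes land in the
            # same CharacterDataHandler as ordinary element text.
            child = parser.ExternalEntityParserCreate(context)
            with urllib.request.urlopen(system_id) as resp:
                child.Parse(resp.read(), True)
            return 1
        parser.ExternalEntityRefHandler = fetch_entity
    else:
        def reject_doctype(name, system_id, public_id, has_internal_subset):
            raise UnsafeXML("DOCTYPE is not allowed in SOAP requests")
        parser.StartDoctypeDeclHandler = reject_doctype
        parser.SetParamEntityParsing(
            xml.parsers.expat.XML_PARAM_ENTITY_PARSING_NEVER)

    parser.Parse(data, True)
    return "".join(chunks)


def xxe_demo():
    """Run both parsers over a constructed XXE payload.

    Returns (text leaked by the vulnerable parser, whether the hardened
    parser blocked the request).
    """
    with tempfile.TemporaryDirectory() as d:
        # Constructed stand-in for /etc/passwd or an internal config file.
        secret = os.path.join(d, "secret.txt")
        with open(secret, "w") as f:
            f.write("internal-api-token=abc123")
        body = (
            '<?xml version="1.0"?>\n'
            '<!DOCTYPE soap [\n'
            f'  <!ENTITY xxe SYSTEM "file://{secret}">\n'
            ']>\n'
            '<Envelope><Body><login><user>bob</user>'
            '<password>&xxe;</password></login></Body></Envelope>'
        ).encode()
        leaked = _parse(body, resolve_external=True)
        try:
            _parse(body, resolve_external=False)
            blocked = False
        except UnsafeXML:
            blocked = True
        return leaked, blocked


if __name__ == "__main__":
    print(xxe_demo())
```

Rejecting the DOCTYPE outright is simpler and safer than trying to allow "harmless" DTDs: SOAP bodies never need one, and a DTD is also the vehicle for billion-laughs entity expansion, which no external-entity switch prevents.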
Journyx version 11.5.4 suffers from a cross-site scripting vulnerability because the error_description value is mishandled during the Active Directory login flow.
9a80a13f999f61d2fbcd9c872ce0429b0fdbb765e1d12b15c39ea815ad17aa65
Journyx version 11.5.4 allows an attacker with a valid username and password to exploit a Python code injection vulnerability in the natural login flow.
3bd6b3cad1bc2ee8d0610e9fb86fce5f44fde3b2f6c6e92fc16ee37f0e43bb27
Journyx version 11.5.4 generates password reset tokens from an insecure source of randomness. An attacker who knows the username of the Journyx installation user can brute-force the reset token and change the administrator password.
71ffa9c9bad198abbd7c7f62d4385be15d0013937d9b80df7f1749718fd1d3b1
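Why a weak random source turns a reset token into a brute-force target: if the token is a deterministic function of a low-entropy seed, the attacker enumerates seeds instead of tokens. The added example below is illustrative Python and not Journyx code; the advisory does not say what the weak source was, so seeding a Mersenne Twister PRNG with the request time in whole seconds is an assumption chosen to show the shape of the attack, and the reset endpoint is simulated by an oracle callable.

```python
import hashlib
import hmac
import random
import secrets
import string

ALPHABET = string.ascii_letters + string.digits
TOKEN_LEN = 20


def weak_reset_token(issued_at: float) -> str:
    """Assumed weak design: PRNG seeded with the issue time (seconds).

    20 characters from a 62-symbol alphabet looks like ~119 bits, but the
    only entropy is the seed, so guessing the second the reset was requested
    regenerates the token exactly.
    """
    rng = random.Random(int(issued_at))
    return "".join(rng.choice(ALPHABET) for _ in range(TOKEN_LEN))


def brute_force_weak_token(oracle, approx_time: float, window: int = 300):
    """Enumerate seeds within +/-window seconds of the guessed issue time.

    `oracle(token)` stands in for the password-reset endpoint and returns
    True when the token is accepted. Returns (token, attempts) on success or
    (None, attempts) if no seed in the window matched.
    """
    attempts = 0
    center = int(approx_time)
    for delta in range(-window, window + 1):
        attempts += 1
        candidate = weak_reset_token(center + delta)
        if oracle(candidate):
            return candidate, attempts
    return None, attempts


def strong_reset_token() -> tuple:
    """CSPRNG token (256 bits from os.urandom); the server stores only its hash.

    Storing the hash means a database read (SQL injection, backup leak) does
    not hand out live reset tokens.
    """
    token = secrets.token_urlsafe(32)
    return token, hashlib.sha256(token.encode()).hexdigest()


def verify_reset_token(presented: str, stored_hash: str) -> bool:
    digest = hashlib.sha256(presented.encode()).hexdigest()
    return hmac.compare_digest(digest, stored_hash)   # constant-time compare


def demo():
    """Constructed scenario: attacker guesses the issue time 37 s late."""
    issued = 1_700_000_000.0
    real = weak_reset_token(issued)
    found, attempts = brute_force_weak_token(lambda t: t == real, issued + 37)
    token, stored = strong_reset_token()
    return found == real, attempts, verify_reset_token(token, stored), \
        verify_reset_token("not-the-token", stored)


if __name__ == "__main__":
    print(demo())
```

With a ten-minute window the weak token falls in a few hundred requests, which is why the fix is not a longer token but an unpredictable one, paired with a short expiry and rate limiting on the reset endpoint.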
Open WebUI version 0.1.105 suffers from arbitrary file upload and path traversal vulnerabilities.
ec5387176f30bac9fa4d3eadc1c952af22cf21e137493ca6d50297eda34a6c34
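Path traversal in an upload handler comes from trusting the client-supplied filename when building the destination path. The added example below is illustrative Python and not Open WebUI code; the upload root, the extension allow-list and the filename pattern are assumed policy. It rejects rather than "cleans" suspicious names and keeps a realpath/commonpath check as the last line of defence.

```python
import os
import re

ALLOWED_EXTENSIONS = {".pdf", ".png", ".jpg", ".txt"}      # assumed policy
_SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$")


class RejectedUpload(ValueError):
    pass


def safe_upload_path(upload_root: str, client_filename: str) -> str:
    """Map an attacker-controlled filename to a path inside upload_root.

    Any directory component, NUL byte, leading dot, or disallowed extension
    is refused outright. A final realpath/commonpath comparison catches
    anything the pattern missed (symlinked roots, odd normalisation).
    """
    if "\x00" in client_filename:
        raise RejectedUpload("NUL byte in filename")
    # Backslash counts as a separator too: "..\..\" would otherwise slip
    # past a '/'-only check on Windows hosts.
    if "/" in client_filename or "\\" in client_filename:
        raise RejectedUpload("directory components not allowed")
    if client_filename in (".", "..") or not _SAFE_NAME.match(client_filename):
        raise RejectedUpload("filename does not match allowed pattern")
    ext = os.path.splitext(client_filename)[1].lower()
    if ext not in ALLOWED_EXTENSIONS:
        raise RejectedUpload(f"extension {ext!r} not allowed")

    root = os.path.realpath(upload_root)
    target = os.path.realpath(os.path.join(root, client_filename))
    if os.path.commonpath([root, target]) != root:
        raise RejectedUpload("resolved path escapes upload root")
    return target


def is_accepted(upload_root: str, client_filename: str) -> bool:
    """Convenience wrapper: True if the name would be written, else False."""
    try:
        safe_upload_path(upload_root, client_filename)
        return True
    except RejectedUpload:
        return False


if __name__ == "__main__":
    # Constructed filenames an attacker might send.
    for name in ["report.pdf", "../../etc/passwd", "..\\..\\windows\\win.ini",
                 "shell.php", ".htaccess", "a\x00.pdf"]:
        print(repr(name), is_accepted("/srv/uploads", name))
```

A stricter design stores every upload under a server-generated name (for example a UUID plus the validated extension) and keeps the client name only as metadata, so the filename never reaches the filesystem at all.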
Open WebUI version 0.1.105 suffers from a persistent cross-site scripting vulnerability.
658c9c08ea4ec4d262623596aacd371e3b13671c5709eaa27c2e69d347ea9ae5
A command injection vulnerability in Artica Proxy appliance versions 4.50 and 4.40 allows remote attackers to run arbitrary commands via an unauthenticated HTTP request. The Artica Proxy administrative web application deserializes arbitrary PHP objects supplied by unauthenticated users, enabling code execution as the www-data user.
769d2d7e8f18e8bd0ce142472f159825e87239bfc4426229f241a00de99425a0
Services that are running on the Artica Proxy version 4.50 and bound only to the loopback interface are reachable through the proxy service itself. In particular, the tailon service runs as root, is bound to the loopback interface, and listens on TCP port 7050. Through tailon, the contents of any file on the Artica Proxy can be viewed.
0693c2ce363baaef7b371443418fb29623edc052f8d82f02eea207672f271e4b
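The defect above is a proxy that forwards to destinations it should treat as off-limits. The added example below is illustrative Python and not Artica code; it shows the destination check such a proxy should apply before connecting. The hostnames and addresses in the fake resolver are constructed for the demo.

```python
import ipaddress
import socket


def resolve_all(host: str, port: int):
    """Default resolver: every address getaddrinfo returns for host."""
    return [info[4][0]
            for info in socket.getaddrinfo(host, port, proto=socket.IPPROTO_TCP)]


def destination_allowed(host: str, port: int, resolver=resolve_all) -> bool:
    """Return False if any address the name resolves to is local-only.

    Every resolved address is checked, not just the first, so a name that
    mixes a public and a loopback record cannot slip through. IPv4-mapped
    IPv6 (::ffff:127.0.0.1) is unwrapped because ipaddress does not flag
    it as loopback on its own. Resolution failures fail closed.
    """
    try:
        addrs = resolver(host, port)
    except OSError:              # socket.gaierror is an OSError subclass
        return False
    if not addrs:
        return False
    for addr in addrs:
        ip = ipaddress.ip_address(addr.split("%")[0])   # drop IPv6 scope id
        if ip.version == 6 and ip.ipv4_mapped is not None:
            ip = ip.ipv4_mapped
        if (ip.is_loopback or ip.is_private or ip.is_link_local
                or ip.is_unspecified or ip.is_multicast or ip.is_reserved):
            return False
    return True


# Constructed name-to-address table standing in for DNS / getaddrinfo.
FAKE_DNS = {
    "localhost": ["127.0.0.1", "::1"],
    "artica-proxy.internal": ["10.0.0.5"],
    "rebind.example": ["93.184.216.34", "127.0.0.1"],   # public + loopback
    "mapped.example": ["::ffff:127.0.0.1"],
    "2130706433": ["127.0.0.1"],   # decimal IPv4 as getaddrinfo resolves it
    "example.com": ["93.184.216.34"],
}


def fake_resolver(host: str, port: int):
    if host not in FAKE_DNS:
        raise socket.gaierror("constructed NXDOMAIN for %r" % host)
    return FAKE_DNS[host]


if __name__ == "__main__":
    for name in ["localhost", "artica-proxy.internal", "rebind.example",
                 "mapped.example", "2130706433", "example.com", "nx.example"]:
        print(name, destination_allowed(name, 7050, fake_resolver))
```

Two caveats a practitioner will want: the address that passes the check must be the address actually connected to (resolve once, then connect to that IP), or a second lookup can be rebound to 127.0.0.1 between check and connect; and the check belongs on redirects as well, since a 302 to http://127.0.0.1:7050/ reaches the same loopback service.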
The Artica Proxy administrative web application deserializes arbitrary PHP objects supplied by unauthenticated users, enabling code execution as the www-data user. Version 4.50 is affected.
8e2ee354af5fde39323dcb9b78bd8d0b892172400746b1b66015b3a87cbd8630
Artica Proxy versions 4.40 and 4.50 suffer from a local file inclusion protection bypass vulnerability that allows for path traversal.
ee5d3d2cce629647f1cc48769c74910aca7883ad99b79b7b1c766a0e28a65ddf