An attacker with authenticated access to VICIdial version 2.14-917a as an agent can execute arbitrary shell commands as the root user. This attack can be chained with CVE-2024-8503 to execute arbitrary shell commands starting from an unauthenticated perspective.
6b4666c70098b4747658896c605a4f2b8c41c41c51144da20cf5be37e90a20b0An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial version 2.14-917a to enumerate database records. By default, VICIdial stores plaintext credentials within the database.
4fe5d734ae07a38eb7770811089de30239da19ca25794be8de02bb80d866aa1fJournyx version 11.5.4 has an issue where the soap_cgi.pyc API handler allows the XML body of SOAP requests to contain references to external entities. This allows an unauthenticated attacker to read local files, perform server-side request forgery, and overwhelm the web server resources.
d02349f8de0a00286e575cc45dab4471af755c8a75e014e67fe77d724cd9c5faJournyx version 11.5.4 suffers from a cross site scripting vulnerability due to mishandling of the error_description during an active directory login flow.
9a80a13f999f61d2fbcd9c872ce0429b0fdbb765e1d12b15c39ea815ad17aa65Journyx version 11.5.4 has an issue where attackers with a valid username and password can exploit a python code injection vulnerability during the natural login flow.
3bd6b3cad1bc2ee8d0610e9fb86fce5f44fde3b2f6c6e92fc16ee37f0e43bb27Journyx version 11.5.4 suffers from an issue where password reset tokens are generated using an insecure source of randomness. Attackers who know the username of the Journyx installation user can bruteforce the password reset and change the administrator password.
71ffa9c9bad198abbd7c7f62d4385be15d0013937d9b80df7f1749718fd1d3b1Open WebUI version 0.1.105 suffers from arbitrary file upload and path traversal vulnerabilities.
ec5387176f30bac9fa4d3eadc1c952af22cf21e137493ca6d50297eda34a6c34Open WebUI version 0.1.105 suffers from a persistent cross site scripting vulnerability.
658c9c08ea4ec4d262623596aacd371e3b13671c5709eaa27c2e69d347ea9ae5A command injection vulnerability in Artica Proxy appliance versions 4.50 and 4.40 allows remote attackers to run arbitrary commands via an unauthenticated HTTP request. The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the www-data user.
769d2d7e8f18e8bd0ce142472f159825e87239bfc4426229f241a00de99425a0Services that are running and bound to the loopback interface on the Artica Proxy version 4.50 are accessible through the proxy service. In particular, the tailon service is running as the root user, is bound to the loopback interface, and is listening on TCP port 7050. Using the tailon service, the contents of any file on the Artica Proxy can be viewed.
0693c2ce363baaef7b371443418fb29623edc052f8d82f02eea207672f271e4bThe Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the www-data user. Version 4.50 is affected.
8e2ee354af5fde39323dcb9b78bd8d0b892172400746b1b66015b3a87cbd8630Artica Proxy versions 4.40 and 4.50 suffer from a local file inclusion protection bypass vulnerability that allows for path traversal.
ee5d3d2cce629647f1cc48769c74910aca7883ad99b79b7b1c766a0e28a65ddf
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed