In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or `\r`, `\n`) to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2019-16254, which fixed this vulnerability for the WEBrick Ruby web server. This has been fixed in versions 4.3.2 and 3.12.3 by checking all headers for line endings and rejecting headers with those characters. (CVSS:5.0) (Last Update:2020-04-09)

February 27th, 2020 | HTTP Response Splitting


Multiple cross-site request forgery (CSRF) and cross-site scripting (XSS) vulnerabilities in Axous 1.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add an administrator account via an addnew action to admin/administrators_add.php; or (2) conduct cross-site scripting (XSS) attacks via the page_title parameter to admin/content_pages_edit.php; the (3) category_name[] parameter to admin/products_category.php; the (4) site_name, (5) seo_title, or (6) meta_keywords parameter to admin/settings_siteinfo.php; the (7) company_name, (8) address1, (9) address2, (10) city, (11) state, (12) country, (13) author_first_name, (14) author_last_name, (15) author_email, (16) contact_first_name, (17) contact_last_name, (18) contact_email, (19) general_email, (20) general_phone, (21) general_fax, (22) sales_email, (23) sales_phone, (24) support_email, or (25) support_phone parameter to admin/settings_company.php; or the (26) system_email, (27) sender_name, (28) smtp_server, (29) smtp_username, (30) smtp_password, or (31) order_notice_email parameter to admin/settings_email.php. (CVSS:6.8) (Last Update:2020-02-28)

February 19th, 2020 | Vulnerabilities with Exploits


ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote attackers to read backup files via a direct request for rom-0. (CVSS:5.0) (Last Update:2020-02-28)

February 19th, 2020 | Vulnerabilities with Exploits


D-Link DSR-250N devices before 1.08B31 allow remote authenticated users to obtain "persistent root access" via the BusyBox CLI, as demonstrated by overwriting the super user password. (CVSS:9.0) (Last Update:2020-03-05)

February 18th, 2020 | Vulnerabilities with Exploits


A Code Execution Vulnerability exists in OpenX Ad Server 2.8.10 due to a backdoor in the flowplayer-3.1.1.min.js library, which could let a remote malicious user execute arbitrary PHP code. (CVSS:7.5) (Last Update:2020-02-19)

February 13th, 2020 | Vulnerabilities with Exploits


A Privilege Escalation Vulnerability exists in Free Reprintables ArticleFR 11.06.2014 due to insufficient access restrictions in the data.php script, which could let a remote malicious user obtain access to, modify, or delete database information. (CVSS:7.5) (Last Update:2020-02-19)

February 12th, 2020 | Vulnerabilities with Exploits


A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code. (CVSS:4.3) (Last Update:2020-02-18)

February 11th, 2020 | Vulnerabilities with Exploits


The WebView class and use of the WebView.addJavascriptInterface method in the Boat Browser application 8.0 and 8.0.1 for Android allow remote attackers to execute arbitrary code via a crafted web site, a related issue to CVE-2012-6636. (CVSS:6.8) (Last Update:2020-02-19)

February 11th, 2020 | Vulnerabilities with Exploits