Advisory
Questa pagina contiene i riferimenti alle vulnerabilità 0day individuate dal Security Team di AlmavivA, come parte delle attività di ricerca.
La nostra Disclosure PolicyCVE-2021-41594
RSA Archer
RSA Archer 6.9.SP1 P3 suffer of a privilege escalation vulnerability letting administrators access presumibily inaccessible functionalities.
CVE-2021-40511
Mastro – OBDA systems
OBDA systems’ Mastro 1.0 is vulnerable to XML Entity Expansion (aka “billion laughs”) attack allowing denial of service.
CVE-2021-40510
Mastro – OBDA systems
XML eXternal Entity (XXE) in OBDA systems’ Mastro 1.0 allows remote attackers to read system files via custom DTDs.
CVE-TBA-01
Liferay Portal
Cross-site scripting (XSS) vulnerability in the Gogo Shell module in Liferay Portal 7.1.0 through 7.3.6 and 7.4.0 allows remote attackers to inject arbitrary web script or HTML via the output of a Gogo Shell command.
CVE-2021-36761
Qlik Sense
The GeoAnalytics feature in Qlik Sense April 2020 patch 4 allows remote attackers to perform internal port scanning via SSRF.
CVE-2021-36760
WSO2 Identity Server
DOM-based XSS attack in WSO2 Identity Server 5.7.0 allows remote attackers to inject arbitrary web script in password reset procedure. This vulnerability can be used to perform Open Redirection attacks too.
CVE-2020-23488
L.E.F Radio Web Streamer
Blind Command Injection in L.E.F. srl Radio Web Streamer 1.0 allows an
authenticated attacker to execute arbitrary command on the target system via specially crafted HTTP POST request.
CVE-2020-23487
L.E.F Radio Web Streamer
Arbitrary File Upload in L.E.F. srl Radio Web Streamer 1.0 allows an
authenticated attacker to upload arbitrary file on the target system, hence
executing arbitrary command by uploading a PHP file.
CVE-2020-23486
L.E.F Radio Web Streamer
Unauthenticated Command Injection in L.E.F. srl Radio Web Streamer 1.0 allows an attacker to execute arbitrary command on the target system.
CVE-2020-14608
Oracle Fusion Middleware MapViewer
This vulnerability allows unauthenticated attacker with network access via HTTP to create, delete, edit critical data and read accessible data.
CVE-2020-14607
Oracle Fusion Middleware MapViewer
This vulnerability allows unauthenticated attacker with network access via HTTP to update, insert, delete and partially read accessible data.
CVE-2020-14997
ASiM – Archimista
An Insecure Direct Object Reference (IDOR) in Archimista 3.1.0 allows authenticated attacker to read and export all the reports in the application.
CVE-2020-14996
ASiM – Archimista
An arbitrary file read in Archimista 3.1.0 allows remote attacker to read arbitrary files on the file system.
CVE-2020-14995
ASiM – Archimista
A SQL injection in Archimista 3.1.0 allows remote attacker to execute arbitrary query on the database via the “term” parameter.
CVE-2020-14994
ASiM – Archimista
A SQL injection in Archimista 3.1.0 allows remote attacker to execute arbitrary query on the database via the “order” parameter.
CVE-2019-19866
Atos Unify OpenScape UC Application
Atos Unify OpenScape UC Web Client V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows remote attackers to obtain sensitive information. By iterating the value of conferenceId to getMailFunction in the JSON API, one can enumerate all conferences scheduled on the platform, with their numbers and access PINs.
CVE-2019-19865
Atos Unify OpenScape UC Application
Atos Unify OpenScape UC Application V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows XSS. An attacker could exploit this by convincing an authenticated user to inject arbitrary JavaScript code in the Profile Name field. A browser would execute this stored XSS payload.