Advisory
Questa pagina contiene i riferimenti alle vulnerabilità 0day individuate dal Security Team di AlmavivA, come parte delle attività di ricerca.
La nostra Disclosure PolicyQuesta pagina contiene i riferimenti alle vulnerabilità 0day individuate dal Security Team di AlmavivA, come parte delle attività di ricerca.
La nostra Disclosure PolicyRSA Archer
RSA Archer 6.9.SP1 P3 suffer of a privilege escalation vulnerability letting administrators access presumibily inaccessible functionalities.
Mastro – OBDA systems
OBDA systems’ Mastro 1.0 is vulnerable to XML Entity Expansion (aka “billion laughs”) attack allowing denial of service.
Mastro – OBDA systems
XML eXternal Entity (XXE) in OBDA systems’ Mastro 1.0 allows remote attackers to read system files via custom DTDs.
Liferay Portal
Cross-site scripting (XSS) vulnerability in the Gogo Shell module in Liferay Portal 7.1.0 through 7.3.6 and 7.4.0 allows remote attackers to inject arbitrary web script or HTML via the output of a Gogo Shell command.
Qlik Sense
The GeoAnalytics feature in Qlik Sense April 2020 patch 4 allows remote attackers to perform internal port scanning via SSRF.
WSO2 Identity Server
DOM-based XSS attack in WSO2 Identity Server 5.7.0 allows remote attackers to inject arbitrary web script in password reset procedure. This vulnerability can be used to perform Open Redirection attacks too.
L.E.F Radio Web Streamer
Blind Command Injection in L.E.F. srl Radio Web Streamer 1.0 allows an
authenticated attacker to execute arbitrary command on the target system via specially crafted HTTP POST request.
L.E.F Radio Web Streamer
Arbitrary File Upload in L.E.F. srl Radio Web Streamer 1.0 allows an
authenticated attacker to upload arbitrary file on the target system, hence
executing arbitrary command by uploading a PHP file.
L.E.F Radio Web Streamer
Unauthenticated Command Injection in L.E.F. srl Radio Web Streamer 1.0 allows an attacker to execute arbitrary command on the target system.
Oracle Fusion Middleware MapViewer
This vulnerability allows unauthenticated attacker with network access via HTTP to create, delete, edit critical data and read accessible data.
Oracle Fusion Middleware MapViewer
This vulnerability allows unauthenticated attacker with network access via HTTP to update, insert, delete and partially read accessible data.
ASiM – Archimista
An Insecure Direct Object Reference (IDOR) in Archimista 3.1.0 allows authenticated attacker to read and export all the reports in the application.
ASiM – Archimista
An arbitrary file read in Archimista 3.1.0 allows remote attacker to read arbitrary files on the file system.
ASiM – Archimista
A SQL injection in Archimista 3.1.0 allows remote attacker to execute arbitrary query on the database via the “term” parameter.
ASiM – Archimista
A SQL injection in Archimista 3.1.0 allows remote attacker to execute arbitrary query on the database via the “order” parameter.
Atos Unify OpenScape UC Application
Atos Unify OpenScape UC Web Client V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows remote attackers to obtain sensitive information. By iterating the value of conferenceId to getMailFunction in the JSON API, one can enumerate all conferences scheduled on the platform, with their numbers and access PINs.
Atos Unify OpenScape UC Application
Atos Unify OpenScape UC Application V9 before version V9 R4.31.0 and V10 before version V10 R0.6.0 allows XSS. An attacker could exploit this by convincing an authenticated user to inject arbitrary JavaScript code in the Profile Name field. A browser would execute this stored XSS payload.