CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 1CVE-2014-8684 – Seagate Business NAS - Remote Command Execution
https://notcve.org/view.php?id=CVE-2014-8684
CodeIgniter before 3.0 and Kohana 3.2.3 and earlier and 3.3.x through 3.3.2 make it easier for remote attackers to spoof session cookies and consequently conduct PHP object injection attacks by leveraging use of standard string comparison operators to compare cryptographic hashes. CodeIgniter antes de la versión 3.0 y Kohana 3.2.3 y anteriores y en versiones 3.3.x hasta la 3.3.2 facilita que los atacantes remotos suplanten cookies de sesión y lleven a cabo ataques de inyección de objetos PHP. Esto se realizaría por medio de operadores estándar de comparación de strings para comparar hashes criptográficos. • https://www.exploit-db.com/exploits/36264 http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html http://seclists.org/fulldisclosure/2014/May/54 https://github.com/kohana/core/pull/492 https://scott.arciszewski.me/research/full/php-framework-timing-attacks-object-injection http://www.seagate.com/au/en/support/external-hard-drives/network-storage/business-storage-2-bay-nas https://beyondbinary.io/advisory/seagate-nas-rce • CWE-310: Cryptographic Issues •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2014-8686 – Seagate Business NAS - Remote Command Execution
https://notcve.org/view.php?id=CVE-2014-8686
CodeIgniter before 2.2.0 makes it easier for attackers to decode session cookies by leveraging fallback to a custom XOR-based encryption scheme when the Mcrypt extension for PHP is not available. CodeIgniter en versiones anteriores a la 2.2.0 facilita que los atacantes descodifiquen cookies de sesión aprovechando un fallback a una combinación de cifrado personalizada basada en XOR cuando la extensión Mcrypt para PHP no está disponible. • https://www.exploit-db.com/exploits/36264 http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html https://beyondbinary.io/articles/seagate-nas-rce https://codeigniter.com/userguide2/changelog.html https://www.dionach.com/blog/codeigniter-session-decoding-vulnerability http://www.seagate.com/au/en/support/external-hard-drives/network-storage/business-storage-2-bay-nas https://beyondbinary.io/advisory/seagate-nas-rce • CWE-310: Cryptographic Issues •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2012-1915 – CodeIgniter 2.1 - 'xss_clean()' Filter Security Bypass
https://notcve.org/view.php?id=CVE-2012-1915
EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() Filter and perform XSS attacks. EllisLab CodeIgniter versión 2.1.2, permite a atacantes remotos omitir el Filtro xss_clean() y llevar a cabo ataques de tipo XSS. CodeIgniter version 2.1.1 suffers from a cross site scripting filter bypass vulnerability. • https://www.exploit-db.com/exploits/37521 http://www.securityfocus.com/bid/54620 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2011-3719
https://notcve.org/view.php?id=CVE-2011-3719
CodeIgniter 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files. CodeIgniter v1.7.2 permite a atacantes remotos obtener información sensible a través de una petición directa a un archivo .php, lo que revela la ruta de instalación en un mensaje de error, como se demostró con system/scaffolding/views/view.php y algunos otros archivos. • http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/CodeIgniter_1.7.2 http://www.openwall.com/lists/oss-security/2011/06/27/6 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2007-3709
https://notcve.org/view.php?id=CVE-2007-3709
CRLF injection vulnerability in the redirect function in url_helper.php in CodeIgniter 1.5.3 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in an unspecified parameter, as demonstrated by a Set-Cookie header. Vulnerabilidad de inyección de retornos de carro y saltos de línea el la función redirección en url_helper.php de CodeIgniter 1.5.3 permite a atacantes remotos inyectar cabeceras HTML de su elección mediante secuencias CRLF en un parámetro no especificado, como se demuestra con una cabecera Set-Cookie. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064500.html http://osvdb.org/39370 http://securityreason.com/securityalert/2877 http://www.securityfocus.com/archive/1/473190/100/0/threaded •