CVE-2021-38366
https://notcve.org/view.php?id=CVE-2021-38366
Sitecore through 10.1, when Update Center is enabled, allows remote authenticated users to upload arbitrary files and achieve remote code execution by visiting an uploaded .aspx file at an admin/Packages URL. Sitecore versiones hasta 10.1, cuando el Centro de Actualización está habilitado, permite a usuarios remotos autenticados cargar archivos arbitrarios y lograr una ejecución de código remota al visitar un archivo .aspx cargado en una URL de administración/Paquetes. • https://blog.istern.dk/2021/08/10/sitecore-10-authenticated-file-upload-to-rce • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2018-7669 – Sitecore.Net 8.1 - Directory Traversal
https://notcve.org/view.php?id=CVE-2018-7669
An issue was discovered in Sitecore Sitecore.NET 8.1 rev. 151207 Hotfix 141178-1 and above. The 'Log Viewer' application is vulnerable to a directory traversal attack, allowing an attacker to access arbitrary files from the host Operating System using a sitecore/shell/default.aspx?xmlcontrol=LogViewerDetails&file= URI. Validation is performed to ensure that the text passed to the 'file' parameter correlates to the correct log file directory. This filter can be bypassed by including a valid log filename and then appending a traditional 'dot dot' style attack. • https://www.exploit-db.com/exploits/45152 https://github.com/palaziv/CVE-2018-7669 http://seclists.org/fulldisclosure/2018/Apr/47 https://kb.sitecore.net/articles/356221 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2017-9356
https://notcve.org/view.php?id=CVE-2017-9356
Sitecore.NET 7.1 through 7.2 has a Cross Site Scripting Vulnerability via the searchStr parameter to the /Search-Results URI. Sitecore.NET 7.1 hasta la versión 7.2 tiene una vulnerabilidad de Cross-Site Scripting (XSS) mediante el parámetro searchStr en el URI /Search-Results. • http://seclists.org/bugtraq/2017/Jun/43 http://www.securityfocus.com/bid/99239 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •