CVE-2022-1818 – Multi-page Toolkit <= 2.6 - Arbitrary Settings Update to Stored XSS via CSRF
https://notcve.org/view.php?id=CVE-2022-1818
The Multi-page Toolkit WordPress plugin through 2.6 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well El plugin Multi-page Toolkit de WordPress versiones hasta 2.6, no presenta una comprobación de tipo CSRF cuando es actualizada su configuración, lo que podría permitir a atacantes hacer que un administrador conectado los cambie por medio de un ataque de tipo CSRF y conllevar a un ataque de tipo Cross-Site Scripting Almacenado debido a una falta de saneo y escape también • https://wpscan.com/vulnerability/9d6c628f-cdea-481c-a2e5-101dc167718d • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2020-15228 – Environment Variable Injection in GitHub Actions
https://notcve.org/view.php?id=CVE-2020-15228
In the `@actions/core` npm module before version 1.2.6,`addPath` and `exportVariable` functions communicate with the Actions Runner over stdout by generating a string in a specific format. Workflows that log untrusted data to stdout may invoke these commands, resulting in the path or environment variables being modified without the intention of the workflow or action author. The runner will release an update that disables the `set-env` and `add-path` workflow commands in the near future. For now, users should upgrade to `@actions/core v1.2.6` or later, and replace any instance of the `set-env` or `add-path` commands in their workflows with the new Environment File Syntax. Workflows and actions using the old commands or older versions of the toolkit will start to warn, then error out during workflow execution. • https://github.com/guettli/fix-CVE-2020-15228 http://packetstormsecurity.com/files/159794/GitHub-Widespread-Injection.html https://github.com/actions/toolkit/security/advisories/GHSA-mfwh-5m23-j46w • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2017-9149
https://notcve.org/view.php?id=CVE-2017-9149
Metadata Anonymisation Toolkit (MAT) 0.6 and 0.6.1 silently fails to perform "Clean metadata" actions upon invocation from the Nautilus contextual menu, which allows context-dependent attackers to obtain sensitive information by reading a file for which cleaning had been attempted. Metadata Anonymisation Toolkit (MAT) versiones 0.6 y 0.6.1, silenciosamente no puede realizar acciones de "Clean metadata" a partir de la invocación desde el menú contextual de Nautilus, que permite a los atacantes dependiendo del contexto obtener información confidencial mediante la lectura de un archivo para el que se había intentado la limpieza. • https://0xacab.org/mat/mat/commit/8f6303a1f26fe8dad83ba96ab8328dbdfa3af59a https://0xacab.org/mat/mat/commit/94ca62a429bb6a3a5f293de26053e54bbfeea9f9 https://0xacab.org/mat/mat/issues/11527 https://bugs.debian.org/858058 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-5508
https://notcve.org/view.php?id=CVE-2015-5508
Cross-site request forgery (CSRF) vulnerability in the XC NCIP Provider module in the eXtensible Catalog (XC) Drupal Toolkit allows remote attackers to hijack the authentication of users with the "administer ncip providers" permission for requests that alter NCIP providers via a crafted request. Vulnerabilidad CSRF en el módulo XC NCIP Provider en el eXtensible Catalog (XC) Drupal Toolkit, permite a atacantes remotos secuestrar la autenticación de usuarios con los permisos de 'administer ncip providers' para solicitudes que alteran los proveedores NCIP a través de una petición manipulada. • http://www.openwall.com/lists/oss-security/2015/07/04/4 http://www.securityfocus.com/bid/75277 https://www.drupal.org/node/2507619 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2014-4548 – Ruven Toolkit <= 2.0 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2014-4548
Cross-site scripting (XSS) vulnerability in tinymce/popup.php in the Ruven Toolkit plugin 1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the popup parameter. Una vulnerabilidad de tipo cross-site scripting (XSS) en el archivo tinymce/popup.php en el plugin Ruven Toolkit versión 1.1 y anteriores para WordPress, permite a atacantes remotos inyectar script web o HTML arbitrario por medio del parámetro popup. • http://codevigilant.com/disclosure/wp-plugin-ruven-toolkit-a3-cross-site-scripting-xss • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •