CVE-2023-1184
published 2023-03-06CVE-2023-1184: A vulnerability, which was classified as problematic, has been found in ECshop up to 4.1.8. Affected by this issue is some unknown functionality of the file…
PriorityP352high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
0.75%
50.2th percentile
A vulnerability, which was classified as problematic, has been found in ECshop up to 4.1.8. Affected by this issue is some unknown functionality of the file admin/database.php of the component Backup Database Handler. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222356.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | apptainer_apptainer | >= 0 < 1.1.8 | 1.1.8 |
| shopex | ecshop | <= 4.1.8 | — |
| shopex | ecshop | — | — |
| shopex | ecshop | — | — |
| shopex | ecshop | — | — |
| shopex | ecshop | — | — |
| shopex | ecshop | — | — |
| shopex | ecshop | — | — |
| shopex | ecshop | — | — |
| shopex | ecshop | — | — |
| shopex | ecshop | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.05.8MEDIUMAV:N/AC:L/Au:M/C:P/I:P/A:P
ghsa5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
html inputs of type password recorded in plaintext when converted to text inputs
ghsa·2023-05-26
CVE-2023-33187 [MEDIUM] CWE-319 html inputs of type password recorded in plaintext when converted to text inputs
html inputs of type password recorded in plaintext when converted to text inputs
### Impact
Highlight may record passwords on customer deployments when a password html input is switched to `type="text"` via a javascript "Show Password" button. This differs from the expected behavior which always obfuscates `type="password"` inputs. A customer may assume that switching to `type="text"` would also not record this input; hence, they would not add additional `highlight-mask` css-class obfuscation to this part of the DOM, resulting in unintentional recording of a password value when a `Show Password` button is used.
### Patches
`[email protected]` resolves the issue via https://github.com/rrweb-io/rrweb/pull/1184
This patch tracks changes to the `type` attribute of an input to ensure an inp
GHSA
Unpatched extfs vulnerabilities are exploitable through suid-mode Apptainer
ghsa·2023-04-25·CVSS 5.5
CVE-2023-30549 [MEDIUM] CWE-416 Unpatched extfs vulnerabilities are exploitable through suid-mode Apptainer
Unpatched extfs vulnerabilities are exploitable through suid-mode Apptainer
### Impact
There is an ext4 use-after-free flaw described in CVE-2022-1184 that is exploitable through versions of Apptainer < 1.1.0 and installations that include apptainer-suid < 1.1.8 on older operating systems where that CVE has not been patched. That includes Red Hat Enterprise Linux 7, Debian 10 buster (unless the linux-5.10 package is installed), Ubuntu 18.04 bionic and Ubuntu 20.04 focal. Use-after-free flaws in the kernel can be used to attack the kernel for denial of service and potentially for privilege escalation.
### Background
Historically there have been many CVEs published for extfs and a smaller number for squashfs, including serious use-after-free and buffer overrun vulnerabilities, that are sco
GHSA
GHSA-2f9c-7w3q-922p: A vulnerability, which was classified as problematic, has been found in ECshop up to 4
ghsa_unreviewed·2023-03-06
CVE-2023-1184 [HIGH] CWE-434 GHSA-2f9c-7w3q-922p: A vulnerability, which was classified as problematic, has been found in ECshop up to 4
A vulnerability, which was classified as problematic, has been found in ECshop up to 4.1.8. Affected by this issue is some unknown functionality of the file admin/database.php of the component Backup Database Handler. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222356.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-03-06
Published