iglocska

99 exploits Active since Sep 2016
CVE-2020-8890 WRITEUP MEDIUM WRITEUP
MISP < 2.4.121 - Time-of-check Time-of-use Race Condition in Brute-Force Protection
An issue was discovered in MISP before 2.4.121. It mishandled time skew (between the machine hosting the web server and the machine hosting the database) when trying to block a brute-force series of invalid requests.
CVSS 5.9
CVE-2020-8891 WRITEUP MEDIUM WRITEUP
MISP < 2.4.121 - Brute-Force Attack via Username Canonicalization Bypass
An issue was discovered in MISP before 2.4.121. It did not canonicalize usernames when trying to block a brute-force series of invalid requests.
CVSS 5.9
CVE-2020-8892 WRITEUP HIGH WRITEUP
MISP < 2.4.121 - Brute-Force Protection Bypass via HTTP PUT Method
An issue was discovered in MISP before 2.4.121. It did not consider the HTTP PUT method when trying to block a brute-force series of invalid requests.
CVSS 8.1
CVE-2022-29528 WRITEUP CRITICAL WRITEUP
MISP < 2.4.158 - Deserialization of Untrusted Data via PHAR
An issue was discovered in MISP before 2.4.158. PHAR deserialization can occur.
CVSS 9.8
CVE-2022-48328 WRITEUP CRITICAL WRITEUP
MISP < 2.4.167 - SQL Injection via IndexFilterComponent Parameter Handling
app/Controller/Component/IndexFilterComponent.php in MISP before 2.4.167 mishandles ordered_url_params and additional_delimiters.
CVSS 9.8
CVE-2022-48329 WRITEUP CRITICAL WRITEUP
MISP < 2.4.166 - Improper Handling of Exceptional Conditions via Order Parameter
MISP before 2.4.166 unsafely allows users to use the order parameter, related to app/Model/Attribute.php, app/Model/GalaxyCluster.php, app/Model/Workflow.php, and app/Plugin/Assets/models/behaviors/LogableBehavior.php.
CVSS 9.8
CVE-2015-5719 WRITEUP CRITICAL WRITEUP
Malware Information Sharing Platform < 2.3.91 - Unrestricted File Upload in TemplatesController
app/Controller/TemplatesController.php in Malware Information Sharing Platform (MISP) before 2.3.92 does not properly restrict filenames under the tmp/files/ directory, which has unspecified impact and attack vectors.
CVSS 9.8
CVE-2015-5720 WRITEUP MEDIUM WRITEUP
Malware Information Sharing Platform < 2.3.90 - Cross-Site Scripting in Template Creation
Multiple cross-site scripting (XSS) vulnerabilities in the template-creation feature in Malware Information Sharing Platform (MISP) before 2.3.90 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) add.ctp, (2) edit.ctp, and (3) ajaxification.js.
CVSS 6.1
CVE-2015-5721 WRITEUP CRITICAL WRITEUP
Malware Information Sharing Platform < 2.3.89 - PHP Object Injection via Serialized Data
Malware Information Sharing Platform (MISP) before 2.3.90 allows remote attackers to conduct PHP object injection attacks via crafted serialized data, related to TemplatesController.php and populate_event_from_template_attributes.ctp.
CVSS 9.8
CVE-2017-13671 WRITEUP MEDIUM WRITEUP
MISP < 2.4.78 - Stored Cross-Site Scripting via Comment Field
app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent XSS via comments. It only impacts the users of the same instance because the comment field is not part of the MISP synchronisation.
CVSS 6.1
CVE-2017-14337 WRITEUP HIGH WRITEUP
MISP < 2.4.80 - Unauthenticated Arbitrary User Access via CertAuth with External API
When MISP before 2.4.80 is configured with X.509 certificate authentication (CertAuth) in conjunction with a non-MISP external user management ReST API, if an external user provides X.509 certificate authentication and this API returns an empty value, the unauthenticated user can be granted access as an arbitrary user.
CVSS 8.1
CVE-2017-15216 WRITEUP MEDIUM WRITEUP
MISP < 2.4.80 - Reflected Cross-Site Scripting via QuickDelete Action
MISP before 2.4.81 has a potential reflected XSS in a quickDelete action that is used to delete a sighting, related to app/View/Sightings/ajax/quickDeleteConfirmationForm.ctp and app/webroot/js/misp.js.
CVSS 6.1
CVE-2017-16802 WRITEUP MEDIUM WRITEUP
MISP 2.4.82 - Stored Cross-Site Scripting via Organisation Name in Sharing Group Population
In the sharingGroupPopulateOrganisations function in app/webroot/js/misp.js in MISP 2.4.82, there is XSS via a crafted organisation name that is manually added.
CVSS 5.4
CVE-2017-16946 WRITEUP MEDIUM WRITEUP
MISP 2.4.82 - Sensitive Information Disclosure in Audit Log
The admin_edit function in app/Controller/UsersController.php in MISP 2.4.82 mishandles the enable_password field, which allows admins to discover a hashed password by reading the audit log.
CVSS 4.9
CVE-2017-7215 WRITEUP MEDIUM WRITEUP
MISP < 2.4.68 - Cross-Site Scripting in Index Filter Tool and Organisation Landing Page
Cross site scripting in some view elements in the index filter tool in app/webroot/js/misp2.4.68.js and the organisation landing page in app/View/Organisations/ajax/landingpage.ctp of MISP before 2.4.69 allows remote attackers to inject arbitrary web script or HTML.
CVSS 6.1
CVE-2018-11245 WRITEUP MEDIUM WRITEUP
MISP 2.4.91 - DOM-Based Cross-Site Scripting via Cortex Type Attributes
app/webroot/js/misp.js in MISP 2.4.91 has a DOM based XSS with cortex type attributes.
CVSS 6.1
CVE-2018-11562 WRITEUP MEDIUM WRITEUP
MISP 2.4.91 - Reflected Cross-Site Scripting via Event View Deleted Attributes Filter
An issue was discovered in MISP 2.4.91. A vulnerability in app/View/Elements/eventattribute.ctp allows reflected XSS if a user clicks on a malicious link for an event view and then clicks on the deleted attributes quick filter.
CVSS 6.1
CVE-2018-12649 WRITEUP CRITICAL WRITEUP
MISP 2.4.92 - Brute-Force Protection Bypass via PUT HTTP Method
An issue was discovered in app/Controller/UsersController.php in MISP 2.4.92. An adversary can bypass the brute-force protection by using a PUT HTTP method instead of a POST HTTP method in the login part, because this protection was only covering POST requests.
CVSS 9.8
CVE-2018-6926 WRITEUP HIGH WRITEUP
MISP 2.4.87 - Authenticated OS Command Injection via Server Setting Path Override
In app/Controller/ServersController.php in MISP 2.4.87, a server setting permitted the override of a path variable on certain Red Hed Enterprise Linux and CentOS systems (where rh_shell_fix was enabled), and consequently allowed site admins to inject arbitrary OS commands. The impact is limited by the setting being only accessible to the site administrator.
CVSS 7.2
CVE-2018-8948 WRITEUP MEDIUM WRITEUP
MISP < 2.4.89 - Cross-Site Scripting via Malicious MISP Module
In MISP before 2.4.89, app/View/Events/resolved_attributes.ctp has multiple XSS issues via a malicious MISP module.
CVSS 6.1
CVE-2018-8949 WRITEUP MEDIUM WRITEUP
MISP <2.4.89 - Privilege Escalation
An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API integrity bug, potentially allowing users to delete attributes of other events. A crafted edit for an event (without attribute UUIDs but attribute IDs set) could overwrite an existing attribute.
CVSS 4.3
CVE-2019-10254 WRITEUP MEDIUM WRITEUP
MISP < 2.4.105 - Reflected Cross-Site Scripting in Default Layout Template
In MISP before 2.4.105, the app/View/Layouts/default.ctp default layout template has a Reflected XSS vulnerability.
CVSS 6.1
CVE-2019-11812 WRITEUP MEDIUM WRITEUP
MISP < 2.4.107 - Stored Cross-Site Scripting in Discussion Interface
A persistent XSS issue was discovered in app/View/Helper/CommandHelper.php in MISP before 2.4.107. JavaScript can be included in the discussion interface, and can be triggered by clicking on the link.
CVSS 6.1
CVE-2019-11813 WRITEUP MEDIUM WRITEUP
MISP < 2.4.107 - Stored Cross-Site Scripting via Link Type Attribute
An issue was discovered in app/View/Elements/Events/View/value_field.ctp in MISP before 2.4.107. There is persistent XSS via link type attributes with javascript:// links.
CVSS 6.1
CVE-2019-11814 WRITEUP MEDIUM WRITEUP
MISP < 2.4.107 - Stored Cross-Site Scripting via Image Names in Titles
An issue was discovered in app/webroot/js/misp.js in MISP before 2.4.107. There is persistent XSS via image names in titles, as demonstrated by a screenshot.
CVSS 6.1