SEC Consult SA-20201012-0 :: Reflected Cross-Site Scripting and Unauthenticated Malicious File Upload in Sage DPW

Posted by SEC Consult Vulnerability Lab on Oct 12

SEC Consult Vulnerability Lab Security Advisory < 20201012-0 >
=======================================================================
title: Reflected Cross-Site Scripting and Unauthenticated
Malicious File Upload
product: Sage DPW
vulnerable version: 2020_06_000 & 2020_06_001
fixed version: 2020_06_002
CVE number: CVE-2020-26583 & CVE-2020-26584
impact:…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Original Source

Tags: cyber, exploit, full disclosure, OSINT, seclist, Security, threatintel, vulnerabilities, vulnerability, vulns

SEC Consult SA-20201012-0 :: Reflected Cross-Site Scripting and Unauthenticated Malicious File Upload in Sage DPW

Original Source

OSTE-Web-Log-Analyzer – Automate The Process Of Analyzing Web Server Logs With The Python Web Log Analyzer

CISA: CERT/CC Reports R Programming Language Vulnerability

HackerOne Bug Bounty Disclosure: insecure-direct-object-reference-protection-bypass-by-changing-http-method-in-ibm-your-learning-endpoint-suryahss

CISA: CISA and Partners Release Fact Sheet on Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity

Sliver C2 Detected – 45[.]55[.]51[.]117:31337

Original Source

You may have missed

OSTE-Web-Log-Analyzer – Automate The Process Of Analyzing Web Server Logs With The Python Web Log Analyzer

CISA: CERT/CC Reports R Programming Language Vulnerability

HackerOne Bug Bounty Disclosure: insecure-direct-object-reference-protection-bypass-by-changing-http-method-in-ibm-your-learning-endpoint-suryahss

CISA: CISA and Partners Release Fact Sheet on Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity

Sliver C2 Detected – 45[.]55[.]51[.]117:31337