Security Advisories
Vulnerabilities identified by Horizon during security assessments and research activities
Vulnerabilities identified by Horizon during security assessments and research activities
Horizon Security has identified an Unrestricted File Upload vulnerability involving the Convert Forms extension by Tassos Marinos, mainly used by web applications developed with well-known frameworks such as Joomla. This insecure behavior makes it possible to upload any type of file to the web server, which could allow the distribution of malicious files to the form’s recipients or, depending on the server’s configuration, the potential execution of malicious code on the server hosting the web application.
Thursday, 5 December 2024Horizon Security Staff
Horizon Security identified a reflected Cross-Site Scripting (XSS) vulnerability affecting the Tassos Marino's Convert Forms extension, primarily used by web applications developed with well-known frameworks such as Joomla. This vulnerability allows unauthenticated attackers to create specially crafted malicious web pages aimed at forcing the victim's web browser to upload a file, containing malicious code in its name, to the web server via the vulnerable file upload functionality of the Convert Forms extension.
Wednesday, 4 December 2024Horizon Security Staff
Horizon Security identified multiple Cross-Site Scripting (Stored) vulnerabilities in the management web interface exposed by some DrayTek router models. These vulnerabilities can allow an unauthenticated attacker, able to reach the home page of the interface, to inject and store malicious JavaScript code via vulnerable CGI scripts.
Thursday, 2 March 2023Horizon Security Staff
Horizon Security discovered a Server-side request forgery (SSRF) vulnerability in ManageEngine AdSelfService Plus version 6013 and lower which allows an attacker to perform a privilege escalation attack.
Friday, 19 February 2021Horizon Security Staff
Horizon Security discovered an unquoted service path vulnerability which may allow a local user to perform a privilege escalation attacks.
Friday, 10 April 2020Horizon Security Staff
Horizon Security identified multiple XSS and CSRF vulnerabilities in the administrative interface, REST API, workspace client and openspace client of ActiveMatrix BPM. These vulnerabilities may allow an attacker to execute JavaScript code in the user browser and may trick the authenticated users of the web application into executing actions of the attacker's choosing.
Tuesday, 21 May 2019Horizon Security Staff
Horizon Security identified an XSS vulnerability in the web interface widget of Aruba Instant, which allows an attacker to execute JavaScript code in the user browser within the context of the web application.
Thursday, 28 February 2019Horizon Security Staff
Horizon Security discovered a command injection that lead to remote code execution in Xerox's AltaLink printers.
Monday, 28 January 2019Horizon Security Staff
Microsoft Sharepoint On-Premise and Online are affected by an Open Redirect vulnerability, that can be used to carry out phishing attacks.
Friday, 28 December 2018Horizon Security Staff
Horizon Security discovered a command injection that lead to remote code execution in Fastweb's FastGate router.
Thursday, 13 December 2018Horizon Security Staff
Horizon Security identified an XSS vulnerability in the "feed RSS" widget of Telligent Community application, which allows an attacker to execute JavaScript code in the user browser within the context of the web application.
Wednesday, 21 November 2018Horizon Security Staff
Horizon Security identified multiple Cross-Site Scripting vulnerabilities in Oracle PeopleSoft, which allows an attacker to execute JavaScript code in the user browser within the context of the web application.
Tuesday, 16 October 2018Horizon Security Staff
Horizon Security identified multiple Cross-Site Scripting vulnerabilities in IBM Websphere Portal, which allows an attacker to execute JavaScript code in the user browser within the context of the web application.
Tuesday, 25 September 2018Horizon Security Staff
Horizon Security identified that Avaya Aura® Orchestration Designer is vulnerable to Cross-site request forgery attacks, which allows attacker to force an unware victim user to perform administrative tasks (e.g. user creation, password change)
Friday, 21 September 2018Horizon Security Staff
Horizon Security identified a SQL injection vulnerability in RSA Archer, which allows an attacker to execute arbitrary commands against the database, for example to extract reserved data.
Friday, 31 August 2018Horizon Security Staff