AppCheck Security Blog
Featured post
DNN CMS Server-Side Request Forgery (CVE-2021-40186)
/ Posted May 26, 2022
The AppCheck research team identified a Server-Side Request Forgery (SSRF) vulnerability within the DNN CMS platform, formerly known as DotNetNuke. SSRF vulnerabilities allow the attacker to exploit the target system to make network requests on their behalf, allowing a range of possible attacks. In the most common scenario, the attacker exploits SSRF vulnerabilities to attack systems behind the firewall and access sensitive information from Cloud Provider metadata services.
read moreFilter by:
DNN CMS Server-Side Request Forgery (CVE-2021-40186)
Research Security Alerts / Posted May 26, 2022
The AppCheck research team identified a Server-Side Request Forgery (SSRF) vulnerability within the DNN CMS platform, formerly known as DotNetNuke. SSRF vulnerabilities allow the attacker to exploit the target system to make network requests on their behalf, allowing a range of possible attacks. In the most common scenario, the attacker exploits SSRF vulnerabilities to attack systems behind the firewall and access sensitive information from Cloud Provider metadata services.
Read moreURGENT SECURITY ADVISORY - Spring4Shell (CVE-2022-22965)
Security Alerts / Posted March 31, 2022
Spring4Shell is a newly discovered remote code execution and we're already seeing this being actively exploited.
Read moreUmbraco ApplicationURL Overwrite & Persistent Password Reset Poison (CVE-2022-22690 & CVE-2022-22691)
Research Security Alerts / Posted January 18, 2022
Apache Log4j 2 Vulnerability (CVE-2021-44228)
Security Alerts / Posted December 13, 2021
A remote code execution vulnerability (CVE-2021-44228) is affecting multiple versions of the Apache Log4j 2 library.
Read moreSecurity Advisory: Duplicate Post WordPress Plugin SQL Injection Vulnerability (CVE-2021-43408)
Security Alerts / Posted October 25, 2021
The AppCheck Research team identified a security flaw within the “Duplicate Post” WordPress plugin. The plugin has been downloaded 155,421 times at the time of writing. This blog post details the finding along with remediation advice.
Read moreWordPress + Microsoft Office 365 / Azure AD | LOGIN Persistent Cross-Site Scripting (CVE-2021-43409)
Research Security Alerts / Posted October 15, 2021
The “WPO365 | LOGIN” WordPress plugin (up to and including version 15.3) by wpo365.com is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS).
Read moreApache 2.4.50 (CVE-2021-42013) & 2.4.49 (CVE-2021-41773) Remote Code Execution / Path Traversal Vulnerability
Security Alerts / Posted October 06, 2021
A previous version of this article recommended updating to 2.4.50 to address the vulnerability in 2.4.49, however the fix in 2.4.50 has been now been shown to be incomplete therefore it is recommended to update to 2.4.51.
Read moreSecurity Advisory: Persistent XSS via Avatar Upload in Kentico CMS (CVE-2021-43991)
Security Alerts / Posted September 17, 2021
The Kentico CMS (13.0.4001.0 Xperience platform version tested locally) is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS).
Read moreUmbraco Forms File Upload Vulnerability: Technical Analysis (CVE-2021-37334)
Research Security Alerts / Posted August 25, 2021
On the 15th of July 2021 Umbraco and AppCheck released a Security Advisory to alert users of a vulnerability within the Umbraco Forms component that could be exploited to gain remote code execution on the affected system.
Read moreAdvisory: CVE-2020-29045 - Unauthenticated RCE via Arbitrary Object Deserialisation in Five Star Restaurant Menu - WordPress Ordering Plugin
Research Security Alerts / Posted March 10, 2021
It is possible to gain Unauthenticated Remote Code Execution (RCE) on any WordPress instance that is using this plugin, due to the unsafe use of unserialize for the parsing of unsanitised user input, via the cookie fdm_cart used within includes/class-cart-manager.php
Read more