Horizon3.ai

    CVE-2021-27927: CSRF to RCE Chain in Zabbix

    March 8, 2021
    Zabbix is an enterprise IT network and application monitoring solution. In a routine review of its source code, we discovered a CSRF (cross-site request forgery) vulnerability in the authentication component of the Zabbix UI. Using this vulnerability, an unauthenticated attacker can take over the Zabbix administrator's account if the attacker can persuade the Zabbix administrator…

    Purple Teams

    February 23, 2021
    Purple teaming is the result of collaboration, communication and sharing of information between a red team and a blue team in an effort to improve the overall security posture of an organization. How organizations comprise these components may vary, but for context, a Red team is the offensive security team. They are trained in the…

    CVE-2020-35700: Exploiting a Second-Order SQL Injection in LibreNMS < 21.1.0

    February 7, 2021
    LibreNMS is an open source solution for network monitoring based on PHP, MySQL and SNMP. While reviewing its source code, we discovered a second-order SQL injection vulnerability, CVE-2020-35700, in the Dashboard feature. This vulnerability is exploitable by any authenticated user inside LibreNMS. The vulnerability is fixed in LibreNMS 21.1.0.

    Unauthenticated XSS to Remote Code Execution Chain in Mautic < 3.2.4

    January 24, 2021
    Mautic is widely used open source software for marketing automation. While researching the application and its source code on GitHub, we discovered an attack chain whereby an unauthenticated attacker could gain remote code execution privileges on the server hosting Mautic by abusing a stored XSS vulnerability. The issues raised in this post, CVE-2020-35124 and CVE-2020-35125,…

    CVE-2020-29437: Authenticated SQL Injection in OrangeHRM < 4.6.0.1

    January 5, 2021
    OrangeHRM is software for Human Resource Management (HRM). In a routine audit of the open source version of OrangeHRM, we discovered a SQL injection vulnerability in the "Buzz" module, an integrated social media tool within the software. Authenticated low-privilege users can use this vulnerability to disclose the full contents of the OrangeHRM database, including…