Now testing for the following vulnerabilities - Detectify

Back to all posts

new tests

August 09, 2024

Now testing for the following vulnerabilities

New tests released based on submissions by our Detectify Crowdsource hackers:

CVE-2024-37881: WordPress Plugin "SiteGuard WP" Bypass
CVE-2024-37152: Argo CD Sensitive Settings Exposure
CVE-2024-36991: Splunk Enterprise Path Traversal
CVE-2024-32113: Apache OFBiz Arbitrary Code Execution
CVE-2024-2473: WordPress Plugin "WPS Hide Login" Bypass
CVE-2022-22972: VMware Workspace One Access Authentication Bypass
CVE-2021-43831: Gradio LFI
AdGuard Information Disclosure
AdGuard Installer Exposure
Coolify Registration Enabled
Deluge Default Credentials
Duplicati Dashboard Exposure
FileCloud Default Credentials
Filestash Installer Exposure
Flarum Installer Exposure
Forgejo Repository Exposure
FreshRSS Installer Exposure
Gitblit Default Credentials
Homepage Dashboard Exposure
Label Studio Public Registration Enabled
MantisBT Anonymous Access
Plesk Default Credentials
Potential NextJS Image Component SSRF
Remotely Registration Enabled
SFTPGo Installer Exposure
Smokeping Dashboard Exposure

New tests released by Detectify staff:

Malicious CDN Domain ("Polyfill") in Script Source
Changelog Exposure

Improved tests to reduce false negatives:

CVE-2017-9031: Deluge Path Traversal

Improved tests to reduce false positives:

ASP.NET Application Settings (appsettings.json) File Disclosure

Improved finding information:

CVE-2023-3188: Owncast SSRF
CVE-2021-27905: Apache Solr SSRF
CVE-2021-21975: VMWare vRealize Operations Manager API SSRF
CVE-2020-5412: Netflix Hystrix Dashboard Proxy SSRF
CVE-2019-7238: Nexus Repository Manager RCE
CVE-2019-13335: SugarCRM CE SSRF
CVE-2019-13335: SalesAgility SuiteCRM SSRF
Atlassian Confluence App "Linchpin Enterprise News" SSRF
Atlassian Confluence App "draw.io Diagrams for Confluence" SSRF
Atlassian Confluence App 'Confluence SSO/Single Sign On' SSRF
Atlassian Confluence Code Pro for Confluence Macro SSRF
Atlassian Confluence Macro "Table Filter and Charts for Confluence" SSRF
Atlassian Confluence Markdown Macro Path Traversal
Atlassian Confluence Release Info for Confluence Macro SSRF
Atlassian Confluence html Macro SSRF
Atlassian Confluence html-include Macro SSRF
Atlassian Confluence markdown-from-url Macro Path Traversal
Atlassian Confluence marked Macro Path Traversal
Atlassian Confluence rss Macro SSRF
Atlassian Confluence xslt Macro SSRF
Atlassian Jira App "qTest for Jira Test Management" SSRF
Atlassian Jira Plugin (Table Grid Next Generation) SSRF
Confluence Macro 'code-include' SSRF
Confluence Macro 'csv' SSRF
Confluence Macro 'json-table' SSRF
Hasura GraphQL 1.3.3 SSRF
Oracle JD Edwards EnterpriseOne Application Interface Services SSRF

View your vulnerabilities

Thanks for your feedback