CVE-2025-0833

Title (es)
CVE-2025-0833

Mon, 17/03/2025 – 14:15

Type
CWE-79

Severity 2.0 (text)
Pending analysis

Title (en)
CVE-2025-0833

Description (en)
A stored Cross-site Scripting (XSS) vulnerability affecting Route Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in a user's browser session.

17/03/2025

17/03/2025

Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

Severity 3.1 (CVSS 3.1 Base Score)
8.70

Severity 3.1 (text)
HIGH

References


  • https://www.3ds.com/vulnerability/advisories

    CVE-2025-0832

    Title (es)
    CVE-2025-0832

    Mon, 17/03/2025 – 14:15

    Type
    CWE-79

    Severity 2.0 (text)
    Pending analysis

    Title (en)
    CVE-2025-0832

    Description (en)
    A stored Cross-site Scripting (XSS) vulnerability affecting Project Gantt in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in a user's browser session.

    17/03/2025

    17/03/2025

    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

    Severity 3.1 (CVSS 3.1 Base Score)
    8.70

    Severity 3.1 (text)
    HIGH

    References


  • https://www.3ds.com/vulnerability/advisories

    CVE-2025-0830

    Title (es)
    CVE-2025-0830

    Mon, 17/03/2025 – 14:15

    Type
    CWE-79

    Severity 2.0 (text)
    Pending analysis

    Title (en)
    CVE-2025-0830

    Description (en)
    A stored Cross-site Scripting (XSS) vulnerability affecting Meeting Management in ENOVIA Change Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in a user's browser session.

    17/03/2025

    17/03/2025

    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

    Severity 3.1 (CVSS 3.1 Base Score)
    8.70

    Severity 3.1 (text)
    HIGH

    References


  • https://www.3ds.com/vulnerability/advisories

    CVE-2025-0829

    Title (es)
    CVE-2025-0829

    Mon, 17/03/2025 – 14:15

    Type
    CWE-79

    Severity 2.0 (text)
    Pending analysis

    Title (en)
    CVE-2025-0829

    Description (en)
    A stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in a user's browser session.

    17/03/2025

    17/03/2025

    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

    Severity 3.1 (CVSS 3.1 Base Score)
    8.70

    Severity 3.1 (text)
    HIGH

    References


  • https://www.3ds.com/vulnerability/advisories

    CVE-2025-29788

    Title (es)
    CVE-2025-29788

    Mon, 17/03/2025 – 14:15

    Type
    CWE-472

    Severity 2.0 (text)
    Pending analysis

    Title (en)
    CVE-2025-29788

    Description (en)
    The Sylius PayPal Plugin is the Sylius Core Team’s plugin for the PayPal Commerce Platform. A vulnerability in versions prior to 1.6.1, 1.7.1, and 2.0.1 allows users to manipulate the final payment amount processed by PayPal. If a user modifies the item quantity in their shopping cart after initiating the PayPal Express Checkout process, PayPal will not receive the updated total amount. As a result, PayPal captures only the initially transmitted amount, while Sylius incorrectly considers the order fully paid based on the modified total. This flaw can be exploited both accidentally and intentionally, potentially enabling fraud by allowing customers to pay less than the actual order value. Attackers can intentionally pay less than the actual total order amount, business owners may suffer financial losses due to underpaid orders, and the integrity of payment processing is compromised. The issue is fixed in versions 1.6.1, 1.7.1, 2.0.1, and above. To resolve the problem in the end application without updating to the newest patches, there is a need to overwrite `ProcessPayPalOrderAction`, `CompletePayPalOrderFromPaymentPageAction`, and `CaptureAction` with modified logic.

    17/03/2025

    17/03/2025

    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

    Severity 3.1 (CVSS 3.1 Base Score)
    6.50

    Severity 3.1 (text)
    MEDIUM

    References


  • https://github.com/Sylius/PayPalPlugin/commit/31e71b0457e5d887a6c19f8cfabb8b16125ec406

  • https://github.com/Sylius/PayPalPlugin/commit/8a81258f965b7860d4bccb52942e4c5b53e6774d

  • https://github.com/Sylius/PayPalPlugin/releases/tag/v1.6.1

  • https://github.com/Sylius/PayPalPlugin/releases/tag/v1.7.1

  • https://github.com/Sylius/PayPalPlugin/releases/tag/v2.0.1

  • https://github.com/Sylius/PayPalPlugin/security/advisories/GHSA-pqq3-q84h-pj6x

    CVE-2025-29787

    Title (es)
    CVE-2025-29787

    Mon, 17/03/2025 – 14:15

    Type
    CWE-22

    Severity 2.0 (text)
    Pending analysis

    Title (en)
    CVE-2025-29787

    Description (en)
    `zip` is a zip library for Rust which supports reading and writing of simple ZIP files. In the archive extraction routine of affected versions of the `zip` crate starting with version 1.3.0 and prior to version 2.3.0, symbolic links earlier in the archive are allowed to be used for later files in the archive without validation of the final canonicalized path, allowing maliciously crafted archives to overwrite arbitrary files in the file system when extracted. Users who extract untrusted archive files using the following high-level API method may be affected and critical files on the system may be overwritten with arbitrary file permissions, which can potentially lead to code execution. Version 2.3.0 fixes the issue.

    17/03/2025

    17/03/2025

    Vector CVSS:4.0
    CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

    Severity 4.0
    7.30

    Severity 4.0 (text)
    HIGH

    Severity 3.1 (text)
    Pending analysis

    References


  • https://gist.github.com/eternal-flame-AD/bf71ef4f6828e741eb12ce7fd47b7b85

  • https://github.com/zip-rs/zip2/commit/a2e062f37066c3b12860a32eb1cb44856cfb7afe

  • https://github.com/zip-rs/zip2/releases/tag/v2.3.0

  • https://github.com/zip-rs/zip2/security/advisories/GHSA-94vh-gphv-8pm8

    CVE-2025-29786

    Title (es)
    CVE-2025-29786

    Mon, 17/03/2025 – 14:15

    Type
    CWE-770

    Severity 2.0 (text)
    Pending analysis

    Title (en)
    CVE-2025-29786

    Description (en)
    Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree (AST) node for each part of the expression. In scenarios where input size isn’t limited, a malicious or inadvertent extremely large expression can consume excessive memory as the parser builds a huge AST. This can ultimately lead to excessive memory usage and an Out-Of-Memory (OOM) crash of the process. This issue is relatively uncommon and will only manifest when there are no restrictions on the input size, i.e. the expression length is allowed to grow arbitrarily large. In typical use cases where inputs are bounded or validated, this problem would not occur. The problem has been patched in the latest versions of the Expr library. The fix introduces compile-time limits on the number of AST nodes and memory usage during parsing, preventing any single expression from exhausting resources. Users should upgrade to Expr version 1.17.0 or later, as this release includes the new node budget and memory limit safeguards. Upgrading to v1.17.0 ensures that extremely deep or large expressions are detected and safely aborted during compilation, avoiding the OOM condition. For users who cannot immediately upgrade, the recommended workaround is to impose an input size restriction before parsing. In practice, this means validating or limiting the length of expression strings that your application will accept. For example, set a maximum allowable number of characters (or nodes) for any expression and reject or truncate inputs that exceed this limit. By ensuring no unbounded-length expression is ever fed into the parser, one can prevent the parser from constructing a pathologically large AST and avoid potential memory exhaustion. In short, pre-validate and cap input size as a safeguard in the absence of the patch.

    17/03/2025

    17/03/2025

    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

    Severity 3.1 (CVSS 3.1 Base Score)
    7.50

    Severity 3.1 (text)
    HIGH

    References


  • https://github.com/expr-lang/expr/pull/762

  • https://github.com/expr-lang/expr/security/advisories/GHSA-93mq-9ffx-83m2

    CVE-2025-2379

    Title (es)
    CVE-2025-2379

    Mon, 17/03/2025 – 14:15

    Type
    CWE-74

    Severity v2.0
    7.50

    Severity 2.0 (text)
    HIGH

    Title (en)
    CVE-2025-2379

    Description (en)
    A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /create-pass.php. The manipulation of the argument visname leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

    17/03/2025

    17/03/2025

    Vector CVSS:4.0
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

    Vector CVSS:2.0
    AV:N/AC:L/Au:N/C:P/I:P/A:P

    Severity 4.0
    6.90

    Severity 4.0 (text)
    MEDIUM

    Severity 3.1 (CVSS 3.1 Base Score)
    7.30

    Severity 3.1 (text)
    HIGH

    References


  • https://github.com/aionman/cve/issues/2

  • https://phpgurukul.com/

  • https://vuldb.com/?ctiid_299878=

  • https://vuldb.com/?id_299878=

  • https://vuldb.com/?submit_515872=

    CVE-2025-2380

    Title (es)
    CVE-2025-2380

    Mon, 17/03/2025 – 14:15

    Type
    CWE-74

    Severity v2.0
    7.50

    Severity 2.0 (text)
    HIGH

    Title (en)
    CVE-2025-2380

    Description (en)
    A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin-profile.php. The manipulation of the argument mobilenumber leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

    17/03/2025

    17/03/2025

    Vector CVSS:4.0
    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

    Vector CVSS:3.1
    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

    Vector CVSS:2.0
    AV:N/AC:L/Au:N/C:P/I:P/A:P

    Severity 4.0
    6.90

    Severity 4.0 (text)
    MEDIUM

    Severity 3.1 (CVSS 3.1 Base Score)
    7.30

    Severity 3.1 (text)
    HIGH

    References


  • https://github.com/aionman/cve/issues/1

  • https://phpgurukul.com/

  • https://vuldb.com/?ctiid_299879=

  • https://vuldb.com/?id_299879=

  • https://vuldb.com/?submit_515873=

    CVE-2024-12971

    Title (es)
    CVE-2024-12971

    Mon, 17/03/2025 – 10:15

    Type
    CWE-77

    Severity 2.0 (text)
    Pending analysis

    Title (en)
    CVE-2024-12971

    Description (en)
    Improper Neutralization of Special Elements used in a Command vulnerability allows OS Command Injection. This issue affects Pandora FMS from 700 to 777.6.

    17/03/2025

    17/03/2025

    Vector CVSS:4.0
    CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:C/RE:L/U:Green

    Severity 4.0
    8.60

    Severity 4.0 (text)
    HIGH

    Severity 3.1 (text)
    Pending analysis

    References


  • https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/