CVE-2024-30929: XSS Vulnerability in DerbyNet v9.0 via ‘back’ Parameter in playlist.php

Read Time:23 Second

Posted by Valentin Lobstein via Fulldisclosure on Apr 05

CVE ID: CVE-2024-30929

Description:
A Cross-Site Scripting (XSS) vulnerability has been found in DerbyNet version 9.0, affecting the `playlist.php`
component. This issue allows remote attackers to execute arbitrary code by exploiting the `back` parameter. The
application does not properly sanitize the `back` parameter before it is rendered on the page, thereby allowing the
injection and execution of arbitrary JavaScript code.

Vulnerability…

Read More

CVE-2024-30928: SQL Injection Vulnerability in DerbyNet v9.0 via ‘classids’ Parameter

Read Time:22 Second

Posted by Valentin Lobstein via Fulldisclosure on Apr 05

CVE ID: CVE-2024-30928

Description:
An SQL Injection vulnerability has been discovered in DerbyNet version 9.0, particularly within the
`ajax/query.slide.next.inc` file. This vulnerability allows remote attackers to execute arbitrary code and disclose
sensitive information by exploiting the unvalidated `classids` parameter used in constructing SQL queries. This
parameter is not properly sanitized before being included in the SQL statement,…

Read More

CVE-2024-30927: XSS Vulnerability in DerbyNet v9.0 via racer-results.php

Read Time:23 Second

Posted by Valentin Lobstein via Fulldisclosure on Apr 05

CVE ID: CVE-2024-30927

Description:
A Cross-Site Scripting (XSS) vulnerability is present in DerbyNet version 9.0, specifically within the
`racer-results.php` component. This issue allows remote attackers to execute arbitrary code through the improper
handling of the `racerid` parameter. The vulnerability is notably present within the HTML `<title>` tag, where the
`racerid` parameter value is dynamically inserted directly into the page…

Read More

CVE-2024-30926: XSS Vulnerability in DerbyNet v9.0 via ./inc/kiosks.inc

Read Time:23 Second

Posted by Valentin Lobstein via Fulldisclosure on Apr 05

CVE ID: CVE-2024-30926

Description:
A Cross-Site Scripting (XSS) vulnerability has been identified in DerbyNet version 9.0, affecting the
`./inc/kiosks.inc` component. This vulnerability permits remote attackers to execute arbitrary code by exploiting the
`address_for_current_kiosk()` function. The issue stems from the improper sanitization of user-supplied input via the
URL parameters `id` and `address`, which are directly utilized without…

Read More

CVE-2024-30925: XSS Vulnerability in DerbyNet v9.0 via photo-thumbs.php

Read Time:21 Second

Posted by Valentin Lobstein via Fulldisclosure on Apr 05

CVE ID: CVE-2024-30925

Description:
A Cross-Site Scripting (XSS) vulnerability exists in DerbyNet version 9.0, specifically within the `photo-thumbs.php`
component. This issue enables a remote attacker to execute arbitrary code through the improper handling of the
`racerid` and `back` parameters. The vulnerability arises because the application dynamically generates URLs for
navigation without adequately sanitizing these parameters, thus…

Read More

CVE-2024-30924: XSS Vulnerability in DerbyNet v9.0 via checkin.php

Read Time:23 Second

Posted by Valentin Lobstein via Fulldisclosure on Apr 05

CVE ID: CVE-2024-30924

Description:
A Cross Site Scripting (XSS) vulnerability has been identified in DerbyNet version 9.0, specifically within the
`checkin.php` component. This vulnerability allows remote attackers to execute arbitrary code due to improper handling
of the `order` URL parameter. The flaw lies in the way the `order` parameter is embedded directly into a JavaScript
variable assignment without adequate sanitization or encoding,…

Read More

CVE-2024-30923: SQL Injection in DerbyNet v9.0 via print/render/racer.inc

Read Time:21 Second

Posted by Valentin Lobstein via Fulldisclosure on Apr 05

CVE ID: CVE-2024-30923

Description:
An SQL Injection vulnerability has been discovered in DerbyNet version 9.0, specifically within the
`print/render/racer.inc` component. This vulnerability allows remote attackers to execute arbitrary code and disclose
sensitive information by exploiting improper sanitization of the `where` clause in Racer Document Rendering.

Vulnerability Type: SQL Injection

Vendor of Product: DerbyNet – Available on…

Read More

CVE-2024-30922: SQL Injection in DerbyNet v9.0 via print/render/award.inc

Read Time:20 Second

Posted by Valentin Lobstein via Fulldisclosure on Apr 05

CVE ID: CVE-2024-30922

Description:
A SQL Injection vulnerability has been identified in DerbyNet version 9.0, specifically affecting the ‘where’ clause in
Award Document Rendering through the component `print/render/award.inc`. This vulnerability allows remote attackers to
execute arbitrary code and disclose sensitive information without requiring authentication.

Vulnerability Type: SQL Injection

Vendor of Product: DerbyNet -…

Read More

CVE-2024-30921: Unauthenticated XSS Vulnerability in DerbyNet v9.0 via photo.php

Read Time:21 Second

Posted by Valentin Lobstein via Fulldisclosure on Apr 05

CVE ID: CVE-2024-30921

Description:
A Cross-Site Scripting (XSS) vulnerability has been identified in DerbyNet version 9.0, specifically affecting the
photo.php component. This vulnerability allows remote attackers to execute arbitrary code via crafted URLs, without
requiring authentication.

Vulnerability Type: Cross-Site Scripting (XSS)

Vendor of Product: DerbyNet – Available on GitHub: https://github.com/jeffpiazza/derbynet

Affected…

Read More

CVE-2024-30920: XSS Vulnerability in DerbyNet v9.0 via render-document.php

Read Time:22 Second

Posted by Valentin Lobstein via Fulldisclosure on Apr 05

CVE ID: CVE-2024-30920

Description:
A Cross Site Scripting (XSS) vulnerability has been identified in DerbyNet v9.0, specifically within the
`render-document.php` component. This vulnerability allows a remote attacker to execute arbitrary code via crafted
URLs. The root cause of the vulnerability is the application’s failure to properly sanitize user input in document
rendering paths, which permits the injection of malicious scripts….

Read More