YesWiki before 4.5.2 allows unauthenticated path traversal via the 'squelette' parameter. An attacker can exploit this to read arbitrary files on the server, like /etc/passwd.
The Smart Manager plugin version 8.27.0 is vulnerable to a post-authenticated SQL injection due to improper sanitization of input parameters. Attackers with high privileges like administrators can exploit this issue by manipulating the 'sort_params%5BsortOrder%5D' and 'sort_params%5Bcolumn%5D' parameters in the admin AJAX endpoint (/wp-admin/admin-ajax.php). This allows attackers to inject malicious SQL commands, resulting in a time-based SQL injection vulnerability.
The exploit allows an attacker to execute remote code in FoxCMS v.1.2.5. By sending a specially crafted payload to the target, an attacker can run arbitrary commands on the system. This vulnerability is identified as CVE-2025-29306.
The exploit involves performing SQL injection in Feng Office version 3.11.1.2 by manipulating the 'dim' parameter value in the HTTP GET request. By using tools like SQLMap, an attacker can automate the injection process to access or manipulate the database.
KubeSphere 3.4.0 allows unauthorized users to access sensitive information, such as cluster and node details, users' information, without being registered to any workspace or cluster. This vulnerability exists in versions [>= 4.0.0 & < 4.1.3] and [>= 3.0.0 & < 3.4.1]. An attacker can exploit this flaw to gain unauthorized access to various endpoints like cluster overview, node details, and project information.
The vulnerability in WooCommerce Customers Manager plugin version 29.4 allows attackers with the Subscriber+ role to perform SQL injection by manipulating transaction amount parameters like 'max_amount', 'max_amount_total', 'min_amount', and 'min_amount_total' in the admin AJAX endpoint.
An unauthenticated SQL Injection vulnerability is found in LearnPress WordPress Plugin versions up to 4.2.7. This flaw exists in the c_only_fields parameter of the LearnPress API endpoint, allowing attackers to execute malicious SQL commands through API requests without authentication. Successful exploitation could result in unauthorized database access, potential exposure of sensitive data, or even granting administrative control through database manipulation.
An unauthenticated SQL injection vulnerability was found in KiviCare Clinic & Patient Management System (EHR) version 3.6.4. The vulnerability exists in the tax_calculated_data AJAX action, where the visit_type[service_id] parameter is insufficiently escaped, allowing attackers to execute SQL injection attacks.
The X2CRM version 8.5 is vulnerable to a stored cross-site scripting (XSS) exploit. By entering a malicious XSS payload in the 'Name' field while creating a list under the 'Opportunities' section, an attacker can trigger the stored XSS payload when accessing the 'Lists' tab.
The vm2 library version <= 3.9.19 is vulnerable to a sandbox escape exploit. By executing specially crafted code, an attacker can escape the sandbox environment and execute arbitrary commands on the host system. This vulnerability has been assigned CVE-2023-37466.
Services By CQR