A Server-Side Request Forgery (SSRF) vulnerability was found in the password recovery feature of Plane application. This vulnerability enables attackers to manipulate the email input field and insert a payload to force the server to send HTTP requests to domains controlled by the attacker.
The Rapid7 Nexpose Security Console version 6.6.240 on Windows 10 x64 is vulnerable to an unquoted service path issue. By inserting malicious code into the system root path, an attacker could potentially execute the code with elevated privileges during application startup or reboot.
This exploit targets a vulnerability in the MSHTML!CMarkupPointer::UnEmbed function. It allows an attacker to access memory that has already been freed, potentially leading to arbitrary code execution or a denial of service. The vulnerability was tested on IE11 on Windows 10 x64 and Windows 7 x64. The exploit triggers an access violation exception with the code c0000005.
The escape handler for 0x10000e9 lacks bounds checks and passes a user specified size as the size to memcpy, resulting in a stack buffer overflow. This vulnerability can potentially allow a malicious user to gain control of the affected machine.
exacqVision ESM 5.12.2 suffers from Privilege Escalation due to insecure file permissions. By default, the Authenticated Users group has the modify permission to ESM folders/files, allowing a low privilege account to rename the enterprisesystemmanager.exe file and replace it with a malicious file that can give system level privileges. Restarting the computer triggers the execution of the malicious file.
This exploit allows an attacker to perform Cross-Site Request Forgery (CSRF) attacks on AirTies Air5341 1.0.0.12 Modems. By tricking a user into clicking on a malicious link, the attacker can perform unauthorized actions on behalf of the user, such as changing the modem settings or stealing sensitive information.
A Stored Cross-site scripting (XSS) was discovered in wordpress plugins easy testimonials 3.2. Three parameters(_ikcf_client _ikcf_position _ikcf_other) have Cross-Site Scripting.
This exploit targets a buffer overflow vulnerability in CloudMe Sync version 1.10.9. It bypasses both SEH and DEP protections on Windows 10 (x64) systems. By sending a specially crafted request, an attacker can overwrite the SEH handler and execute arbitrary code.
The TeamSpeak Application was installed with insecure file permissions. It was found that all folder and file permissions were incorrectly configured during installation. It was possible to replace the service binary.
The Cain & Abel version 4.9.56 software on Windows 10 x64 is vulnerable to an unquoted service path vulnerability. The 'Abel' service has a binary path name that is not properly quoted, which could allow an attacker to escalate privileges and execute arbitrary code with the permissions of the LocalSystem account.
Services By CQR