YesWiki before 4.5.2 allows unauthenticated path traversal via the 'squelette' parameter. An attacker can exploit this to read arbitrary files on the server, like /etc/passwd.
A Server-Side Request Forgery (SSRF) vulnerability was found in the password recovery feature of Plane application. This vulnerability enables attackers to manipulate the email input field and insert a payload to force the server to send HTTP requests to domains controlled by the attacker.
Unauthenticated remote code execution vulnerability in Chamilo LMS version 1.11.24 (Beersel) allows attackers to upload files without restrictions, leading to remote code execution.
Jasmin Ransomware's web panel allows authenticated users to download arbitrary files due to a SQL Injection vulnerability, potentially leading to unauthorized access to sensitive data. This vulnerability has been assigned CVE-2025-XXXXX.
By tricking a user into visiting a malicious website, an attacker could exploit this vulnerability in IBM Security Verify Access 10.0.0 - 10.0.8 to redirect the user to a different site that appears legitimate, potentially leading to the disclosure of sensitive information or enabling further attacks.
The Jasmin Ransomware application is vulnerable to SQL Injection which allows an attacker to bypass authentication on the login page by inserting a specially crafted payload into the email and code fields. By entering the payload '=' 'or' in both the email and code fields, an attacker can bypass the authentication and gain unauthorized access to the admin panel.
The ollama 0.6.4 application is vulnerable to Server-Side Request Forgery (SSRF) attack. An attacker can manipulate the 'from' parameter in the payload to make the server send requests to arbitrary hosts, potentially leading to unauthorized access to internal systems.
A SQL injection vulnerability exists in the login functionality of NEWS-BUZZ News Management System version 1.0. This vulnerability allows an attacker to manipulate the SQL query by altering the user_name parameter, potentially leading to unauthorized access to the database.
The login page in the Integration Server in Software AG webMethods 10.15.0 before Core Fix7 allows remote attackers to access the administration panel and obtain server hostname and version information by sending a dummy username and blank password to the login URI. By dropping the request to "/admin/navigation/license," attackers can remain logged in and access sensitive details such as the server's real hostname, version info, and administrative API endpoints.
The reNgine version 2.2.0 is vulnerable to authenticated command injection. By modifying the nmap_cmd parameters in the yml configuration, an attacker can inject malicious commands. This can lead to unauthorized remote code execution with the privileges of the application. This exploit allows an authenticated user to execute arbitrary commands on the underlying system.
Services By CQR