reNgine version 2.2.0 is vulnerable to authenticated command injection. By modifying the nmap_cmd parameters in the yml configuration, an attacker can inject malicious commands. This can lead to unauthorized remote code execution with the privileges of the application. This exploit allows an authenticated user to execute arbitrary commands on the underlying system.
The YNP Portal System version 2.2.0 is vulnerable to remote file disclosure. This allows an attacker to access sensitive files on the server by exploiting the 'showpage.cgi' script. By manipulating the 'p' parameter in the URL, an attacker can disclose files outside the web root directory, such as the '/etc/passwd' file.
An information disclosure vulnerability exists in Hasura GraphQL Community 2.2.0. An attacker can leak environment variables by sending a POST request to the '/v1/metadata' endpoint with a specially crafted payload containing the environment variable key to leak. This can lead to the disclosure of sensitive information.
A SQL Injection vulnerability exists in Redaxscript CMS 2.2.0. The vulnerable parameter is the 'search_terms' parameter in the 'search_post()' function of the 'redaxscript/includes/search.php' file. An attacker can send a maliciously crafted POST request to the vulnerable application to execute arbitrary SQL commands in the back-end database.
PivotX is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
Apache James is prone to a remote denial-of-service vulnerability. This issue is due to the application's failure to efficiently handle malformed SMTP commands. This issue allows remote attackers to consume excessive CPU resources of affected computers, potentially denying service to legitimate users.
Due to a rare and subtle bug in the 2.2.0 kernel, a Linux machine can be forced to reboot by an unprivileged local user. The cause is the invalid ELF core layout and the fact that munmap wipes out a vital page table entry.
The Zingiri Web Shop WordPress plugin is vulnerable to a Remote File Inclusion (RFI) vulnerability. This vulnerability allows an attacker to include a remote file, usually through a malicious URL, and execute it on the vulnerable server. The vulnerable code is located in the init.inc.php file, which is used to initialize the plugin. The code does not properly validate user-supplied input, allowing an attacker to include a malicious file from a remote server.
The vulnerability exists because the "/websites.php" script fails to properly sanitize user-supplied input in the "url" variable. An attacker can alter queries to the application SQL database, execute arbitrary queries to the database, compromise the application, access or modify sensitive data, or exploit various vulnerabilities in the underlying SQL database.
A vulnerability exists in 'Seo Panel' page rendering which allows for unfiltered, unencrypted content to be presented to a user through two different cookies. Alter the value of cookies called 'default_news' or 'sponsors' and then view a site page which includes controllers/index.ctrl.php or controllers/settings.ctrl.php that will render the cookies as they exist on the user's machine.