Explore Vulnerabilities

Explore all Exploits:

WordPress Core 6.2 – Directory Traversal

WordPress Core version 6.2 is vulnerable to a directory traversal attack. An attacker can manipulate input in a way that allows them to access files outside of the intended directory, such as sensitive system files like /etc/passwd. This vulnerability is identified as CVE-2023-2745.

Solstice Pod API Session Key Extraction via API Endpoint

The exploit leverages an unauthenticated API endpoint (/api/config) on the Solstice Pod to extract sensitive information like the session key, server version, product details, and display name. Attackers can retrieve live session data by accessing this endpoint without proper authentication.

Cross-Site Scripting Vulnerabilities in FatWire UpdateEngine

The FatWire UpdateEngine is prone to multiple cross-site scripting vulnerabilities. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of a user visiting the affected site. This can lead to the theft of authentication credentials and other attacks.

HP Data Protector EXEC_BAR Remote Command Execution

The omniinet service in HP Data Protector is vulnerable to remote command execution. By sending a malicious EXEC_BAR packet, an attacker can force the service to run arbitrary commands on the target system. This can lead to complete compromise of the remote host. The vulnerability can be exploited by sending two specific arguments to the omniinet service. The exploit creates a new Windows account and adds it to the local Administrators group.

Clever Internet ActiveX Suite 6.2 (CLINETSUITEX6.OCX) Arbitrary file download/overwrite Exploit

This exploit allows an attacker to download and overwrite files on a vulnerable system using the "GetToFile" method of the CLINETSUITEX6.OCX ActiveX control. The provided code downloads a text file from a remote server and saves it to the local system. The exploit can be modified to overwrite any file on the system, such as cmd.exe.

AwStats Remote Command Execution

This exploit makes use of the remote command execution bug discovered in AwStats version 6.2 and below. The bug resides in the awstats.pl Perl script, which does not correctly sanitise user input for the `configdir` parameter. If a user sends a command prefixed and suffixed with |, the command will be executed.

CCProxy 6.2 ping Remote Buffer Overflow Exploit

Based on Ruder's discovery, this exploit allows an attacker to execute arbitrary code by sending a long parameter to the ping command in the telnet service of the CCProxy server. The vulnerability is a stack-based overflow. The exploit uses shellcode that binds to port 101 and connects back to the attacker using netcat. This exploit has been tested on Windows XP SP1 English.

IDM v6.20 Local Buffer Overflow

IDM v6.20 Local Buffer Overflow is a local exploit that allows attackers to execute arbitrary code on vulnerable installations of Internet Download Manager. The vulnerability is due to a boundary error in the processing of the username field when configuring a VPN/Dial Up connection. By sending a specially crafted string to that field, an attacker can overwrite the EIP register and control the flow of execution.

Recent Exploits: