This exploit allows an attacker to upload arbitrary files to the target system using the vulnerable Scriptcase 9.7 software. By exploiting this vulnerability, an attacker can potentially upload a malicious PHP file and achieve remote code execution.
A SQL injection vulnerability was discovered in Issue Trak versions <= 7.0, and is possibly applicable up to version 9.7. The vulnerable endpoint is www.example.com/IssueTrak/IssueSearch_Process.asp, and the vulnerable parameters are Status, Priority, inp_IssueType, SubmittedBy, EnteredBy, AssignedTo, AssignedBy, NextActionBy, ClosedBy, ProjectManager, and inp_OrgID. An attacker can exploit this vulnerability by sending a malicious HTTP request containing a SQL injection payload. The SQLMap and NoSQLMap commands can be used to exploit this vulnerability.
A buffer overflow vulnerability exists in Download Accelarator Plus (DAP) 9.7. An attacker can exploit this vulnerability by creating a malicious M3U file and convincing the user to open it. This will cause a buffer overflow and allow the attacker to execute arbitrary code on the target system.
This module exploits a stack overflow in IDEAL Administration v9.7. By creating a specially crafted ipj file, an an attacker may be able to execute arbitrary code.
User supplied input passed through the $_REQUEST['catlist'] parameter is not properly sanitized before being used in a preg_replace() call with the e modifier at lines 249 and 253. This can be exploited to inject and execute arbitrary PHP code. Successful exploitation of this vulnerability requires a template which contains a “catlist” (or a “not-catlist”) tag.
Data in the CyberArk Password Vault may be accessed through a proprietary network protocol. While answering to a client's logon request, the vault discloses around 50 bytes of its memory to the client.
Services By CQR