This exploit allows for running cmd.exe. It was tested on ntoskrnl version 10.0.18362.295.
A buffer overflow in the CheckMonitor() function in the Common Desktop Environment 2.3.1 and earlier and 1.6 and earlier, as distributed with Oracle Solaris 10 1/13 (Update 11) and earlier, allows local users to gain root privileges via a long palette name passed to dtsession in a malicious .Xdefaults file (CVE-2020-2696).
Blakord Portal <= Beta 1.3.A (all modules) is vulnerable to blind SQL injection. An attacker can manipulate the SQL queries to extract sensitive information from the database. The vulnerability allows an attacker to execute arbitrary SQL commands.
Tautulli versions 2.1.9 and prior are vulnerable to denial of service via the /shutdown URL.
This module exploits an unauthenticated remote command injection vulnerability found in Barco WePresent and related OEM'ed products. The vulnerability is triggered via an HTTP POST request to the file_transfer.cgi endpoint.
The 'bookisbn' parameter in the book.php file is vulnerable to SQL Injection. An attacker can manipulate the parameter to execute malicious SQL queries.
This exploit allows an attacker to inject SQL code in various modules of RUNCMS 1.6, including mydownloads/brokenfile.php, mydownloads/visit.php, mydownloads/ratefile.php, mylinks/ratelink.php, and mylinks/modlink.php. By exploiting this vulnerability, the attacker can retrieve the hash of the admin password.
Ricoh InfoPrint 6400 devices allow /config?logpathConf.html HTML Injection by authenticated users, as demonstrated by the 420 parameter.
Ricoh InfoPrint 6500 devices allow /config?destConf.html HTML Injection by authenticated users, as demonstrated by the 166 parameter.
The Digi AnywhereUSB 14 device is vulnerable to a reflective cross-site scripting (XSS) attack. By sending a specially crafted GET request, an attacker can inject and execute malicious script code on the target system, potentially leading to unauthorized access or data theft.
Services By CQR
