Popcorn Time For Windows installs as a service with an unquoted service path running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system.
Multiple persistent cross site scripting vulnerabilities have been discovered in the official Sky File v2.1.0 mobile iOS web-application. The vulnerability allows remote attackers to inject their own malicious script codes with a persistent attack vector to compromise the browser and web-application requests from the application-side. A directory traversal web vulnerability has also been discovered, allowing an attacker to unauthorized change the path or directory to access sensitive application data.
The Complaint Management System 4.2 allows for persistent cross-site scripting (XSS) attacks. The vulnerability exists in the user registration functionality and in the admin dashboard where the fullName field is not properly filtered. An attacker can insert malicious code into the fullName field, which will be executed when displayed on the admin dashboard.
The User Management System 2.0 is vulnerable to persistent cross-site scripting (XSS) attacks. The vulnerability exists in the user registration functionality and the admin dashboard, where user input is not properly filtered before being inserted into the database or displayed on the webpage. An attacker can exploit this vulnerability by inserting malicious script code as the 'fname' parameter, which will be executed when the page is viewed by other users.
A persistent input validation web vulnerability has been discovered in the official Mahara v19.10.2 CMS web-application series. The vulnerability allows remote attackers to inject own malicious script codes with persistent attack vector to compromise browser to web-application requests from the application-side. The persistent vulnerability is located in the 'nombre' and 'descripción' parameters of the 'Ficheros' module in the 'groupfiles.php' file. Remote attackers with low privileges are able to inject own malicious persistent script code as files and foldernames. The injected code can be used to attack the frontend or backend of the web-application. The request method to inject is POST and the attack vector is located on the application-side. Files are able to be reviewed in the backend by higher privileged accounts and can be shared. Successful exploitation of the vulnerabilities results in session hijacking, persistent phishing attacks, persistent external redirects to malicious source and persistent manipulation of affected application modules.
The Edimax EW-7438RPn 1.13 version is vulnerable to an information disclosure exploit. By accessing the 'wlencrypt_wiz.asp' file, an attacker can retrieve sensitive information such as the WiFi password. The exploit code reveals various settings and configurations including hardware details, platform information, wireless settings, and more.
This exploit takes advantage of a buffer overflow vulnerability in RM Downloader version 3.1.3.2.2010.06.13. By crafting a specially crafted payload and pasting it into the 'Load' parameter of the application, an attacker can trigger a buffer overflow and potentially execute arbitrary code.
The P5 FNIP-8x16A/FNIP-4xSH controller suffers from CSRF and XSS vulnerabilities. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. Input passed to several GET/POST parameters is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
NSClient++ is a monitoring agent that has the option to run external scripts. This feature can allow an attacker, given they have credentials, the ability to execute arbitrary code via the NSClient++ web application. Since it runs as NT Authority/System bt Default, this leads to privileged code execution.
IQrouter firmware up to 3.3.1 allows remote code execution via multiple vulnerabilities.
Services By CQR