This exploit allows remote attackers to execute arbitrary commands on Windows Media Services. The vulnerability exists in the Windows Media Services version 1.0 beta. By sending a specially crafted request, an attacker can exploit this vulnerability to execute arbitrary code. The vulnerability is due to a buffer overflow in the handling of user-supplied input. This can result in the execution of arbitrary code with the privileges of the affected service.
The Wago PFC200 (up to incl. Firmware 11 02_08_35) is vulnerable to an authenticated remote code execution in the administrative web interface. By exploiting the vulnerability, an attacker is able to run system commands in root context. To execute this module, login credentials of the website administrator are required (default: admin/wago). This module was tested against a Wago 750-8202 Firmware 11 (02_08_35) but other PFC200 models may be affected as well.
The AVideo Platform version 8.1 is vulnerable to an information disclosure vulnerability that allows an attacker to enumerate valid user accounts. By sending a GET request to the 'playlistsFromUser.json.php' endpoint with a valid 'users_id' parameter, an attacker can retrieve sensitive information such as user IDs, usernames, email addresses, passwords (hashed), creation and modification timestamps, and other user details. The vulnerability is due to insufficient access controls on the endpoint, which allows unauthorized users to access the information.
TODO
P2PWIFICAM is a matching network camera P2P (point to point) monitoring software. Adopt the advanced P2P technology, can make the camera in the intranet from port mapping complex, truly plug and play! The vulnerability allows an attacker to crash the application by inputting a large amount of data into the 'Camera ID' field.
The School ERP Ultimate web application is vulnerable to Cross Site Request Forgery that leads to admin account creation and arbitrary user deletion.
The vulnerability allows an attacker to traverse directories and access sensitive files such as the /etc/passwd file. The exploit is achieved by manipulating the 'picture' parameter in the URL.
The BearFTP version 0.1.0 is vulnerable to a denial of service (DoS) attack. By sending a specially crafted 'PASV' command, an attacker can cause the server to spawn multiple threads, consuming excessive resources and causing the server to struggle in processing commands. The attack can be mitigated by applying a patch provided by the vendor.
The vulnerability occurs on line 65 of the index.php file. If the page_slug parameter is not set by the user, it is set to 'index'. However, if the user sets the parameter via a GET or POST request, it checks if the file exists and performs an unsanitized inclusion. The PHP file appends '.php' to anything provided as the page_slug parameter, allowing for file inclusion. Authentication is required to exploit this vulnerability.
The ZeusCMS version 0.3 and earlier is vulnerable to a blind SQL injection exploit. The vulnerability allows an attacker to inject SQL code through the HTTP Referer header, which is not properly checked.
Services By CQR