
Explore Vulnerabilities


Explore all Exploits:

Acronis True Image OEM 19.0.5128 – ‘afcdpsrv’ Unquoted Service Path

Acronis True Image OEM 19.0.5128 suffers from an unquoted search path issue impacting the service 'afcdpsrv'. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user’s code would execute with the elevated privileges of the application.

iOS IOUSBDeviceFamily 12.4.1 – ‘IOInterruptEventSource’ Heap Corruption (PoC)

A vulnerable implementation of IOInterruptEventSource on a workloop exists in IOUSBDeviceFamily. The code can be triggered by a local attacker by sending a malicious USB control request to the device. It seems the faulting address register is corrupted as a result of a heap corruption vulnerability. However, on earlier iOS versions (tested on 12.0.1) we were able to trigger a use-after-free in reserved->statistics relating to the same vulnerable code too. This bug was found through statically analyzing xnu from public source and optimized USB fuzzing.

rConfig install Command Execution

This module exploits an unauthenticated command injection vulnerability in rConfig versions 3.9.2 and prior. The 'install' directory is not automatically removed after installation, allowing unauthenticated users to execute arbitrary commands via the 'ajaxServerSettingsChk.php' file as the web server user. This module has been tested successfully on rConfig version 3.9.2 on CentOS 7.7.1908 (x64).

Microsoft Message Queue POC exploit (MS07-065)

This is a proof-of-concept exploit for the Microsoft Message Queue vulnerability (MS07-065). The vulnerability allows for a buffer overflow attack, which can potentially lead to remote code execution. The exploit code provided is designed to target Windows 2000 Advanced Server SP4.

Adaware Web Companion version 4.8.2078.3950 – ‘WCAssistantService’ Unquoted Service Path

Adaware Web Companion version 4.8.2078.3950 service 'WCAssistantService' has an unquoted service path. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.

QNAP NetBak Replicator 4.5.6.0607 – ‘QVssService’ Unquoted Service Path

The application suffers from an unquoted search path issue impacting the service 'QVssService'. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user’s code would execute with the elevated privileges of the application.
