Authenticated SQL Injection vulnerability in eScan Management Console version 14.0.1400.2281 allows an attacker to execute arbitrary SQL commands through the 'UsrId' parameter in the GetUserCurrentPwd function, leading to unauthorized access to the database and potential remote code execution.
A Cross-Site Scripting (XSS) vulnerability exists in Webkul Qloapps, a free and open-source hotel reservation & online booking system. The vulnerability can be exploited through the 'back' and 'email_create' parameters.
SitemagicCMS version 4.4.3 is vulnerable to remote code execution (RCE). An attacker can upload a malicious shell.phar file with the content '<?php echo system("cat /etc/passwd"); ?>' and execute arbitrary commands on the target system. This can lead to unauthorized access, data leakage, and further compromise of the system. The vulnerability was found by Mirabbas Agalarov.
This exploit allows an attacker to inject malicious formulas into a CSV file, which can then be executed when opened by a user. In this case, the exploit is triggered when an admin exports customers as a CSV file and opens it on their computer. The payload used in this exploit is '=calc|a!z|@test.com', which opens the calculator on the admin's computer.
Screen is affected by an information disclosure vulnerability due to improper access control enforcement. An unauthenticated remote attacker can exploit this, via a specially crafted request, to gain access to sensitive information including usernames and source IP addresses.
The application suffers from weak session management that can allow an attacker on the same network to bypass these controls by reusing the same IP address assigned to the victim user (NAT) and exploit crucial operations on the device itself. By abusing the IP address property that is bound to the Session ID, one needs to wait for such an established session and issue unauthorized requests to the vulnerable API to manage and/or manipulate the affected transmitter.
This exploit circumvents the requirement to supply the admin's old password and changes the password directly.