By manually setting the "atop" cookie to the value of "1", an attacker on the same network can bypass the username and password requirement to access the application control panel of the Optoma 1080PSTX firmware C02.
The TinyWebGallery v2.5 application is vulnerable to remote code execution (RCE) due to improper handling of uploaded files. An attacker can upload a malicious .phar file containing PHP code and execute arbitrary commands on the server. This can lead to unauthorized access, data theft, or further compromise of the system.
This is a local kernel ring0 SYSTEM exploit for DESlock+ <= 3.2.6. It allows an attacker to gain SYSTEM privileges on the target machine. The exploit requires a mountable filesystem named 'XXXAAAA.mnt' to be copied to the root directory and mounted. After mounting, the 'deslock-pown-v2' executable can be run to gain SYSTEM privileges.
RockMongo v1.1.7 does not sufficiently encode user-controlled inputs, resulting in stored and reflected Cross-Site Scripting (XSS) vulnerabilities via multiple parameters of index.php.
This code is written in Python and helps to create an admin account on ulicms-2023.1-sniffing-vicuna.
The Companymaps V8.0 software is vulnerable to stored cross-site scripting (XSS) attacks. An attacker can send a malicious payload via the 'token' parameter to the '/rest/update/?token=' endpoint, which will be executed when an admin accesses the auditlog tab. This allows the attacker to steal the admin's cookie and potentially gain unauthorized access to the application.
PHPJabbers Simple CMS V5.0 is vulnerable to stored cross-site scripting (XSS). By injecting a specially crafted payload in the 'Section' box, an attacker can execute arbitrary JavaScript code in the context of the victim's browser. This can lead to various attacks, including session hijacking, defacement of the website, and theft of sensitive information.
The script is an exploit for the Sophos Web Appliance version 4.3.10.4 and older that allows for pre-auth command injection. It uses the curl command to send a request to the target URL with a payload that includes a command injection. The exploit then checks if the command injection was successful by checking for a response from a specific domain. If the response is found, the script outputs 'YES' to a file.
This vulnerability allows an attacker to inject malicious scripts into the Piwigo application, potentially leading to unauthorized actions or data theft. By uploading an image and modifying the tag during editing, an attacker can execute arbitrary JavaScript code. The payload used in this case is '<img%20src=x%20onerror=alert(4)>'.
The Linux kernel allows userspace processes to enable mitigations either by calling prctl with PR_SET_SPECULATION_CTRL, which disables the speculation feature, or by using seccomp. However, a bug in kernel version 6.2 left the victim process exposed to attacks in some cases even after it had enabled the Spectre-BTI mitigation with prctl. This vulnerability allowed other processes running on the same physical core in another hyperthread to attack the protected application.