This exploit allows an attacker to cause a denial of service (DoS) on FortiRecorder version 6.4.3 and below as well as versions 6.0.11 to 6.0.0. By sending a specially crafted payload to the target, the attacker can trigger a failure and disrupt the normal functioning of the system.
The vulnerability allows remote attackers to execute arbitrary code on the affected system by injecting PHP code into the metadata of a JPEG file and uploading it as a profile photo.
This file implements a PoC for CVE-2022-47986, a YAML deserialization vulnerability that leads to RCE in IBM Aspera Faspex (before 4.4.2).
Broken access control allows any remote attacker to create, update and delete the data of the application. Specifically, adding the admin users
Best POS Management System v1.0 is vulnerable to SQL injection. The 'id' parameter in the GET request is vulnerable to boolean-based blind, error-based, time-based blind, and UNION query injections.
The application suffers from a format string memory leak and a stack buffer overflow because it fails to properly sanitize user-supplied input when calling the getenv() function from MSVCR120.DLL, resulting in a crash that overflows the stack and leaks sensitive information. An attacker can abuse the username environment variable to trigger the vulnerability and potentially execute code on the affected system.
This exploit allows an attacker to execute arbitrary code on a vulnerable Control Web Panel (CWP) version 0.9.8.1147 and below. By sending a specially crafted request to the /login/index.php endpoint, the attacker can inject a malicious cURL command that will be executed by the server. This can lead to unauthorized access, data leakage, and further compromise of the system.
The bgERP system suffers from unsecured login cookies, which store very sensitive login and login session information! The attacker can trick an already logged-in user, steal the already generated cookie from the system, and do VERY DANGEROUS things with the stored sensitive information. This can be very expensive for all companies that use this system, please be careful! This system also has a search parameter vulnerable to reflected XSS attacks!
The attacker exploits a vulnerability in ProjectSend r1605 through file extension manipulation. By uploading a file with a manipulated file extension, the attacker is able to execute arbitrary code on the target system.
PhotoShow version 3.0 is vulnerable to remote code execution. By exploiting this vulnerability, an attacker can execute arbitrary code on the target system.