This exploit allows an authenticated user to execute code remotely on qdPM version 9.1 and below. By exploiting a path traversal vulnerability, the attacker can upload a malicious .htaccess file, which allows them to execute arbitrary code.
This exploit allows authenticated remote code execution (RCE) on m1k1o's Blog version 1.3 and below. By exploiting a file upload vulnerability, an attacker can upload a malicious file and execute arbitrary code on the target system. The vulnerability has been assigned CVE-2022-23626.
Authenticated SQL injection vulnerability in T-Soft E-Commerce 4 allows remote attackers to execute arbitrary SQL commands and gain unauthorized access to the database. The vulnerability can be exploited by an attacker who is logged in as an admin or privileged user.
This proof-of-concept (POC) demonstrates a vulnerability in Nvidia GeForce Experience that allows an attacker to execute arbitrary OS commands via a web browser. The vulnerability exists in the autoGFEInstall endpoint, which is accessible without authentication. The endpoint accepts a parameter containing the command to be executed, which is then passed to a system call. An attacker can exploit this vulnerability by sending a specially crafted request to the endpoint, which will execute the command specified in the request.
The DFG JIT compiler attempts to determine whether a DFG IR operation could cause garbage collection (GC) during its execution. If the analysis is incorrect and a GC can happen in between, then the emitted code can cause use-after-free issues, e.g. if an unmarked (white) object is assigned as a property to an object that was marked during an unexpected GC (and is thus black). This vulnerability was found through fuzzing and then simplified, triggering an assertion in JSC debug builds.
The plugin implements the following AJAX actions: `ContactFormMakerPreview`, `ContactFormmakerwdcaptcha`, `nopriv_ContactFormmakerwdcaptcha`, `CFMShortcode`. All of them call the function `contact_form_maker_ajax`. This function dynamically loads a file defined in `$_GET['action']`, or in `$_POST['action']` if the former is not defined. Because of the way WordPress defines the AJAX action, a user could define the plugin action in `$_GET['action']` and the AJAX action in `$_POST['action']`. Leveraging that and the fact that no sanitization is performed on `$_GET['action']`, a malicious actor can perform a CSRF attack to load a file using directory traversal, thus leading to a Local File Inclusion vulnerability.
The plugin implements the following AJAX actions: manage_fm, get_stats, generete_csv, generete_xml, formmakerwdcaptcha, nopriv_formmakerwdcaptcha, formmakerwdmathcaptcha, nopriv_formmakerwdmathcaptcha, product_option, FormMakerEditCountryinPopup, FormMakerMapEditinPopup, FormMakerIpinfoinPopup, show_matrix, FormMakerSubmits, FormMakerSQLMapping, select_data_from_db, manage. All of them call the function form_maker_ajax_fmc. This function dynamically loads a file defined in $_GET['action'], or in $_POST['action'] if the former is not defined. Because of the way WordPress defines the AJAX action, a user could define the plugin action in $_GET['action'] and the AJAX action in $_POST['action']. Leveraging that and the fact that no sanitization is performed on $_GET['action'], a malicious actor can perform a CSRF attack to load a file using directory traversal, thus leading to a Local File Inclusion vulnerability.
An SQL injection vulnerability exists in Jettweb Php Hazir Ilan Sitesi Scripti V2, which allows an attacker to execute arbitrary SQL commands via the vulnerable parameter 'kat' in the 'katgetir.php' script. The payload 'kat=1' OR NOT 1300=1300-- rwTf' can be used to exploit this vulnerability.
Jettweb PHP Hazir Haber Sitesi Scripti V3 is prone to multiple vulnerabilities, including SQL injection and authentication bypass. An attacker can exploit these vulnerabilities to gain access to sensitive information, inject malicious code into the application, and execute arbitrary commands in the context of the application. The SQL injection vulnerabilities exist in the 'fonksiyonlar.php' script, the 'kelimeara' script, and the 'datagetir.php' script. The authentication bypass vulnerability exists in the 'login.php' script.
This exploit targets the Axigen email server versions 1.2.6 to 2.0.0b1. It causes a parsing error which results in a DoS attack. In little-endian systems, it only causes a DoS attack, while in big-endian systems, it also causes an off-by-one heap smash.