AVS Audio Converter 10.3 is vulnerable to a stack overflow due to improper bounds checking of user-supplied input. An attacker can exploit this vulnerability by crafting a malicious file and sending it to the victim, which can then be used to execute arbitrary code on the victim's system. The vulnerable module is AVSAudioConverter.exe, which has SafeSEH disabled. The exploit involves allocating 4 bytes for nSEH, which should be placed directly before SEH, which also takes up 4 bytes. The exploit can be generated using Python 2.7.x on Linux.
A remote code execution vulnerability exists in WebTareas 2.4 due to improper input validation. An attacker can send a maliciously crafted HTTP POST request to the chattab_serv.php script with a specially crafted filename parameter containing PHP code. This code will be executed on the server when the script is executed.
A reflected XSS vulnerability exists in WebTareas 2.4, which allows an unauthorised user to inject malicious JavaScript code into the application. The vulnerability is triggered when a maliciously crafted URL is sent to the application, which is then reflected back to the user. The malicious code is executed in the user's browser, allowing the attacker to gain access to sensitive information or perform other malicious actions.
WebTareas 2.4 is vulnerable to an unauthorised SQL injection attack. An attacker can exploit this vulnerability by sending a crafted HTTP request with a malicious webTareasSID cookie. This cookie contains a malicious payload which can be used to execute arbitrary SQL commands on the underlying database.
Atom CMS v2.0 is vulnerable to SQL Injection without authentication. An attacker can send a maliciously crafted HTTP POST request to the vulnerable application with a specially crafted 'id' parameter. This can allow an attacker to execute arbitrary SQL queries on the underlying database.
Aero CMS v0.0.1 is vulnerable to PHP Code Injection. An attacker can inject malicious code into the 'post_title' parameter of the 'posts.php' page when creating a new post. This can be exploited to execute arbitrary PHP code on the server.
Aero CMS v0.0.1 is vulnerable to SQL Injection without authentication. An attacker can send a specially crafted HTTP POST request to the search.php page with malicious SQL code in the search parameter. This will cause the server to return an error message containing the SQL code, which can be used to extract information from the database.
The URI "public/app/features/panel/panel_ctrl.ts" in Grafana before 6.2.5 allows HTML Injection in panel drilldown links (via the Title or url field). Payload used: <img src="[image_URL]"><h1>Hello</h1>
The Desktop Server software used by the mobile app has a PIN option which does not prevent command input. The connection response will be 'needpassword', which is only interpreted by the mobile app and prompts for PIN input. A Python script is used to exploit the vulnerability by sending a payload to the target IP address and executing it.
The PoC injects an XSS payload with the CSRF bypass into logs. This action will repeat every second until manually stopped. When the admin user navigates to the logs at http://<target>/zm/index.php?view=log, the XSS executes the delete function on the target UID (user).