A stored XSS vulnerability exists in WordPress Plugin WP-UserOnline version 2.87.6 and below. An attacker can exploit this vulnerability by entering malicious JavaScript payload into the User(s) Browsing Site field in the plugin settings. When the payload is triggered, the JavaScript code is executed, allowing the attacker to gain access to the user's session.
A vulnerability in Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2) allows an unauthenticated attacker to execute arbitrary code on the device. The vulnerability exists due to improper validation of user-supplied input in the web interface. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the web interface. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the device.
The device suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed through the 'file' GET parameter through the 'logdownload.cgi' Bash script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.
If an attacker had already compromised the system and the current user has the privileges to write in the 'C:Program Files (x86)ASUS' folder or in 'C:', he could place his own 'Program.exe' or 'GameSDK.exe' files respectively, and when the service starts, it would launch the malicious file, rather than the original 'GameSDK.exe'.
DingTian DT-R002 2CH Smart Relay is vulnerable to Authentication Bypass by Capture-replay. An attacker can send a crafted request to the vulnerable device to bypass authentication and gain access to the device.
A 0-day unauthenticated Remote Code Execution (RCE) vulnerability was discovered in rpc.py versions v0.4.2 - v0.6.0. An attacker can exploit this vulnerability by sending a malicious serialized payload to the vulnerable server using the pickle serializer. This payload can be used to execute arbitrary commands on the vulnerable server.
GeoNetwork 3.1.x through 4.2.0 is vulnerable to XML External Entity (XXE) attack during rendering pdf of map. The XML parser is not configured securely to validate submitted XML document accepted from an untrusted source, which might result in arbitrary files retrieval from the server.
The parameter `idx` from the Visual Slide Box Builder plugin app for WordPress appears to be vulnerable to SQLi. The attacker can receive all database information from the WordPress database and he can use it for very malicious purposes.
OctoBot WebInterface 0.4.3 is vulnerable to Remote Code Execution (RCE) due to improper input validation. An attacker can send a malicious payload to the /commands/run_command endpoint to execute arbitrary code on the target system. This exploit was tested on Linux (Ubuntu, CentOs).
CodoForum v5.1 is vulnerable to a Remote Code Execution (RCE) vulnerability. An authenticated attacker can upload a malicious PHP file to the server and execute arbitrary code. This exploit was discovered and written by Krish Pandey (@vikaran101).
Services By CQR