qdPM 9.2 is vulnerable to Cross-site Request Forgery (CSRF). An attacker can craft a malicious HTML file and host it. The attacker can then send the malicious HTML file to the victim. When the victim opens the malicious HTML file, the attacker can modify the user account details of the victim.
minewebcms 1.15.2 is vulnerable to Cross-site Scripting (XSS). An attacker can inject malicious JavaScript code into the 'Link Name' and 'URL' fields of the 'Drop-Down Menu' page, which will be executed when the page is accessed. The malicious code can be triggered by navigating to the web application's home page.
KLiK Social Media Website 1.0 is vulnerable to multiple SQL injection attacks. Attackers can exploit the 'poll' (GET) parameter with a time-based blind payload, the 'pollID' (POST) parameter with a boolean-based blind payload, and the 'voteOpt' (POST) parameter with a boolean-based blind payload. All of these payloads can be used to gain access to the underlying database.
This exploit allows an authenticated user to execute arbitrary code on the vulnerable Zenario CMS version 9.0.54156. The exploit requires the attacker to have valid credentials to the CMS. The exploit works by sending a POST request to the admin_boxes.ajax.php endpoint with a malicious PHP file encoded in base64. The malicious file is then uploaded to the server and can be accessed by sending a GET request to the uploaded file.
Broken access control allows any authenticated user to change the cookie banner through a POST request to admin-ajax.php. If users can't register, this can be done through CSRF.
A vulnerability in Kramer VIAware 2.5.0719.1034 allows an attacker to execute arbitrary code on the target system. This is due to the lack of authentication when sending requests to the runCmd.php page. An attacker can send a POST request to the runCmd.php page with a command to execute, which will be executed on the target system.
This exploit allows an authenticated user to execute arbitrary code on a vulnerable PostgreSQL server. The exploit uses a base64 encoded payload which is passed to the PostgreSQL server via a SELECT statement. The payload is then decoded and executed on the server.
CSZ CMS 1.2.9 is vulnerable to Blind SQL Injection. An authenticated user can inject malicious SQL queries in the 'fieldS[]' or 'orderby' parameter of the 'General Menu > CSV Export / Import' page. By issuing sleep(0) response will be delayed to 0 seconds. By issuing sleep(1) response will be delayed to 1 seconds. By issuing sleep(5) response will be delayed to 5 seconds. By issuing sleep(10) response will be delayed to 10 seconds.
An attacker can exploit a Local File Read vulnerability in WordPress Plugin admin-word-count-column version 2.2. The vulnerability exists due to the lack of proper validation of user-supplied input in the 'path' parameter of the 'download-csv.php' script. A remote attacker can send a specially crafted request to the vulnerable script and read arbitrary files from the server. The attacker can also inject a null byte to bypass the file extension check and read any file from the server.
The WordPress Plugin video-synchro-pdf version 1.7.4 is vulnerable to Local File Inclusion. The vulnerable code is present in the file video-synchro-pdf/reglages/Menu_Plugins/tout.php. The code does not properly validate user input and allows an attacker to include arbitrary files from the local system. An attacker can exploit this vulnerability by sending a crafted HTTP request with a malicious file path in the 'p' parameter. This will allow the attacker to read the contents of the file and potentially execute arbitrary code.
Services By CQR