This software installs EDTService.exe version 11.10.2.1, which has an unquoted service path vulnerability. This vulnerability allows an attacker to gain elevated privileges on the system.
The TOSHIBA DVD PLAYER Navi Support Service (TNaviSrv) has an unquoted service path vulnerability. This vulnerability allows an attacker to gain elevated privileges on the system by placing malicious files in the same directory as the TNaviSrv.exe service executable.
An improper neutralization of input during web page generation vulnerability ('Cross-site Scripting') [CWE-79] in FortiMail may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests to the FortiGuard URI protection service.
A successful attempt would require the local user to be able to insert their code in the system root path, undetected by the OS or other security applications, where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.
Hotel Druid 3.0.3 is vulnerable to Remote Code Execution (RCE) due to improper input validation. An attacker can exploit this vulnerability by sending a specially crafted POST request to the target application with a malicious payload in the 'n_app' parameter. The payload is executed on the server side and can be used to gain access to the system.
A vulnerability in the WordPress Plugin dzs-zoomsounds allows an unauthenticated attacker to execute arbitrary code on the vulnerable system. This is achieved by sending a malicious POST request containing a base64-encoded payload to the savepng.php file. The payload creates a file in the exploited folder, which can be used to execute arbitrary code on the vulnerable system.
WordPress Plugin MasterStudy LMS version 2.7.5 is vulnerable to unauthenticated admin account creation. An attacker can send a POST request to the /wp-admin/admin-ajax.php endpoint with the action parameter set to stm_lms_register and the nonce parameter set to a valid nonce. The request body should contain a JSON object with the user_login, user_email, user_password, user_password_re, become_instructor, privacy_policy, degree, expertize, auditory, additional, additional_instructors, and profile_default_fields_for_register parameters. The profile_default_fields_for_register parameter should contain a wp_capabilities object with the value set to {administrator: 1}. This will create an admin account with the specified username and password.