
Explore Vulnerabilities


Explore all Exploits:

WordPress Plugin Secure Copy Content Protection and Content Locking 2.8.1 – SQL-Injection (Unauthenticated)

The Secure Copy Content Protection and Content Locking WordPress plugin before 2.8.2 does not escape the sccp_id parameter of the ays_sccp_results_export_file AJAX action (available to both unauthenticated and authenticated users) before using it in a SQL statement, leading to an SQL injection.

Home Owners Collection Management System 1.0 – ‘id’ Blind SQL Injection

This entry describes a blind SQL injection vulnerability in Home Owners Collection Management System 1.0. The vulnerable code is located at line 68 of the file '/hocms/admin/members/view_member.php', where a query takes the 'id' parameter from the GET request and uses it directly in the SQL statement without any sanitization. An attacker can use the sqlmap tool to exploit this vulnerability and gain access to the database.

Hospital Management Startup 1.0 – ‘loginid’ SQLi

The loginid and password parameters of Hospital Management Startup 1.0 appear to be vulnerable to SQL injection. An attacker can retrieve all information from the system's administrator account and use it for further malicious activity. WARNING: whether the application is exposed on an external domain, a subdomain, or only internally, this issue is extremely dangerous.

WordPress Plugin CP Blocks 1.0.14 – Stored Cross Site Scripting (XSS)

A stored XSS vulnerability was discovered in WordPress Plugin CP Blocks version 1.0.14. An attacker can inject a malicious JavaScript payload into the 'License ID' field, which is then stored in the database. When the same functionality is triggered again, the payload is executed, resulting in a pop-up.

WordPress Plugin Security Audit 1.0.0 – Stored Cross Site Scripting (XSS)

A stored cross-site scripting (XSS) vulnerability was discovered in WordPress Plugin Security Audit version 1.0.0. An attacker can inject a malicious JavaScript payload into the 'Data Id' field of the Security Audit settings, which is then stored in the database. When the same functionality is triggered again, the payload is executed, allowing the attacker to perform malicious activities such as stealing user data or executing arbitrary code in the victim's browser.

WordPress Plugin Simple Job Board 2.9.3 – Local File Inclusion

WordPress Plugin Simple Job Board 2.9.3 is vulnerable to local file inclusion. The vulnerability exists because the 'action' and 'method' parameters of the 'sjb_ajax_action' AJAX action are not properly validated. An attacker can exploit it by sending a specially crafted HTTP request with a malicious 'file_path' parameter, which allows reading sensitive files on the server.

WordPress Plugin International Sms For Contact Form 7 Integration V1.2 – Cross Site Scripting (XSS)

This plugin creates a cf7-international-sms-integration from any post type. The slider import search feature and the tab parameter of the plugin settings are vulnerable to reflected cross-site scripting.

FileBrowser 2.17.2 – Cross Site Request Forgery (CSRF) to Remote Code Execution (RCE)

A Cross-Site Request Forgery vulnerability exists in FileBrowser < 2.18.0 that allows an attacker to create a backdoor user with admin privileges and gain access to the filesystem via a malicious HTML web page sent to the victim. Because an admin can run commands through FileBrowser, the issue leads to remote code execution.
