Unauthenticated user can exploit LFI vulnerability in file parameter.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of WordPress Core. Authentication is not required to exploit this vulnerability, The specific flaw exists within the WP_Query class. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise.
SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. Online Diagnostic Lab Management System 1.0 is vulnerable to the SQL Injection in 'id' parameter of the 'appointment list' page. Following URL is vulnerable to SQL Injection in the 'id' field. http://localhost/odlms/?page=appointments/view_appointment&id=1%27%20AND%20(SELECT%208053%20FROM%20(SELECT(SLEEP(7)))dJOC)%20AND%20%27test%27=%27test Server accepts the payload and the response get delayed by 7 seconds. An attcker can compromise the database of the application by manual method or by automated tools such as SQLmap.
Online Diagnostic Lab Management System 1.0 is vulnerable to stored cross-site-scripting. Stored cross-site scripting (persistent XSS) arises when an application receives its data from an untrusted source and includes that data within its responses in an unsafe way.
Online Diagnostic Lab Management System 1.0 is vulnerable to unauthenticated account takeover. An attacker can takeover any registered 'Staff' user account by just sending a POST request by changing the the 'id', 'email', 'password' and 'cpass' parameters.
The vulnerability allows an attacker to inject payload using 'sql' parameter in sql query while generating report. Upon successful discovering the login admin password hash, it can be decrypted and obtained the plain-text password.
A Stored XSS issue in HPRMS v.1.0 allows remote attackers to inject JavaScript via /articles in the description parameter.
A XSS issue in HPRMS v.1.0 allows remote attackers to inject JavaScript via /articles in the description parameter.
A XSS issue in HPRMS v.1.0 allows remote attackers to inject JavaScript via /articles in the description parameter.
The plugin does not prevent HTML files from being uploaded via its form, allowing unauthenticated user to upload a malicious HTML file containing JavaScript for example, which will be triggered when someone access the file directly.
Services By CQR