meterN is a set of PHP/JS files that make up a "home energy metering & monitoring" solution. It accepts any kind of meter, such as electrical, water, gas, fuel consumption, solar or wind energy production, and so on. Sensors such as temperature or humidity are also accepted. The application suffers from an authenticated OS command execution vulnerability. This can be exploited to execute arbitrary commands through the 'COMMANDx' and 'LIVECOMMANDx' POST parameters in the admin_meter2.php and admin_indicator2.php scripts. The application interface allows users to perform these actions through HTTP requests without performing any validity checks to verify the requests.
Zucchetti Axess CLOKI Access Control 1.64 is vulnerable to Cross Site Request Forgery (CSRF). The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. These actions can be exploited to perform authentication detriment and account password change with administrative privileges if a logged-in user visits a malicious web site.
A stored cross-site scripting (XSS) vulnerability was discovered in WordPress Plugin Typebot version 1.4.3. An authenticated user with the ability to modify the 'Publish ID or Full URL' setting can inject a malicious JavaScript payload which will be stored in the database and executed when the same functionality is triggered.
Laravel Valet v1.1.4 to v2.0.3 is vulnerable to local privilege escalation on macOS. This bug was introduced when the sudoers files were added around commit b22c60dacab55ffe2dc4585bc88cd58623ec1f40. When the valet command is installed, composer will symlink the `valet` command to /usr/local/bin. This 'command' is writable by the user that installed it. Running `valet install` will start the install routine. The very first action taken is to stop nginx (quietly?) with `sudo`, which will prompt the user for the sudo password on the command line. From here (and in fact from any point where the valet tool uses sudo) the command can execute further commands as root without any further interaction needed by the user. With this 'sudo' access, the installer does its thing, and eventually installs two new sudoers rules for homebrew and valet. The problem with the sudoers rules now is the fact that a user-controlled script (remember the valet command is writable to my user?) is allowed to be run with root privileges. More conveniently, without a password. So, to trivially privesc using this flaw, simply edit the `valet` command and drop `/bin/bash` in there.
Pure Python ENV variable leak PoC for CVE-2021-44228. This PoC sends a request to the target URL with the host and port of the exploit server. The exploit server then sends an LDAP header to the target and extracts the response, which contains the environment variables of the target.
A vulnerability in WebHMI Firmware < 4.1 allows an authenticated attacker to execute arbitrary code on the target system. The vulnerability exists due to improper validation of user-supplied input in the 'api/upload/file' API endpoint. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious PHP code. Successful exploitation of this vulnerability can result in remote code execution on the target system.
A Local File Inclusion (LFI) vulnerability exists in HD-Network Real-time Monitoring System 2.0. An attacker can send a specially crafted HTTP request to the vulnerable server to exploit this vulnerability and gain access to sensitive files on the server.
A stored XSS vulnerability exists in the Event management software. An attacker can leverage this vulnerability to run JavaScript on behalf of users browsing the web server, which can lead to cookie stealing, defacement and more.
A stored XSS vulnerability exists in the Employees Daily Task Management System 1.0 web application. An attacker can leverage this vulnerability to run JavaScript on behalf of users browsing the web server, which can lead to cookie stealing, defacement and more. The attacker can inject malicious payloads into the 'title' and 'Task Description' parameters of the 'view_task' page, or the 'full name' and 'contact number' parameters of the 'manage_account' page.
An SQL Injection vulnerability exists in the Employees Daily Task Management System admin login form which can allow an attacker to bypass authentication. The following payload will allow an attacker to bypass the authentication mechanism of the Engineers Online Portal login form: `123'+or+1=1+--+-`