
Explore Vulnerabilities

Explore all Exploits:

GitLab v15.3 – Remote Code Execution (RCE) (Authenticated)

A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3.1 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint.

Enlightenment v0.25.3 – Privilege Escalation

Enlightenment version 0.25.3 is vulnerable to local privilege escalation. Enlightenment_sys in Enlightenment before 0.25.3 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring. An attacker with local access to a machine on which Enlightenment is installed can use this vulnerability to escalate privileges.

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x – Unauthenticated Factory Reset

SOUND4 Ltd. devices are vulnerable to an unauthenticated factory reset. By visiting the unprotected /usr/cgi-bin/restorefactory.cgi endpoint and making a POST request, the device will immediately reset itself and all settings will be lost.

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x – Remote Command Execution (RCE)

The application suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the 'password' HTTP POST parameter in index.php.

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x – Directory Traversal File Write Exploit

The application suffers from an unauthenticated directory traversal file write vulnerability. Input passed through the 'filename' POST parameter called by the 'upgrade.php' script is not properly verified before being used to write files. This can be exploited to write arbitrary files with arbitrary content to arbitrary locations.

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x – Authentication Bypass

The application suffers from an SQL Injection vulnerability. Input passed through the 'password' POST parameter in 'index.php' is not properly sanitised before being returned to the user or used in SQL queries. This can be exploited to bypass authentication and gain access to the application.

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x – Denial Of Service (DoS)

The application allows an unauthenticated attacker to disconnect the current monitoring user from listening/monitoring and take over the radio stream on a specific channel.

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x – Authorization Bypass (IDOR)

The application is vulnerable to insecure direct object references, which occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability, attackers can bypass the authentication and authorization of the application and gain access to unauthorized functionality.

Recent Exploits: