A SQL injection vulnerability exists in EQ Enterprise management system v2.2.0. An attacker can send a specially crafted HTTP POST request to the vulnerable application in order to execute arbitrary SQL commands in the back-end database.
A stored XSS vulnerability was discovered in the Free EVE Community Edition Version 5.0.1-13 of Eve-ng. An attacker can create a new lab, create a Text label, insert a malicious XSS payload and click save. When any user opens the lab, the XSS will be triggered.
This plugin creates a WPForms from any post types. The slider import search feature and tab parameter via plugin settings are vulnerable to reflected cross-site scripting.
Zillya's processes run with SYSTEM privileges. A user with low privileges on the system can copy any file they want to any location by using the quarantine module in Zillya. This is an example of the AVGater vulnerabilities that are often found in antivirus programs. The attacker creates a new folder and puts a malicious file into it. It can be a DLL or any other file. The attacker waits for 'Zillya Total Security' or 'Zillya Internet Security' to quarantine it. The created folder is then linked, using the 'Create Mount Point' tool from the Google Symbolic Link Tools, to a folder that the current user does not have write permission to. The attacker restores the quarantined file. When checked, the file is seen to have been moved to the unauthorized location. This is evidence of an escalation vulnerability. An attacker acting as an unauthorized user can write to directories that require authorization. Using techniques such as DLL hijacking, the attacker can gain SYSTEM privileges.
A stored cross-site scripting (XSS) vulnerability exists in Shoplazza 1.1. An attacker can exploit this vulnerability by logging in as a normal user account, browsing to the 'Blog Posts' -> 'Manage Blogs' -> 'Add Blog Post' page, and entering a malicious payload in the 'Title' field. This will cause the payload to be stored in the application and executed when the page is loaded. This can be used to execute arbitrary JavaScript code in the context of the application.
LISTSERV 17 is vulnerable to an Insecure Direct Object Reference (IDOR). An attacker can exploit this vulnerability by creating two accounts on the LISTSERV 17 installation and logging into each one in a different browser or container. Intercepting the attacking profile's browser traffic using Burp, the attacker can change the email address in the URL's Y parameter to the email address of the victim account. The attacker can then replace the "WALOGIN" cookie value with an ASCII encoded version of the victim's email address. This allows the attacker to access and edit the victim's profile, as well as access any information in the profile.
A reflected cross-site scripting (XSS) vulnerability in the LISTSERV 17 web interface allows remote attackers to inject arbitrary JavaScript or HTML via the "c" parameter.
A vulnerability in 4images 1.9 allows an authenticated administrator user to execute arbitrary code on the server by uploading a malicious template. To exploit the vulnerability, an attacker must first log in as an administrator user, then browse to General -> Edit Templates -> Select Template Pack -> default_960px -> Load Theme. The attacker then selects the template categories.html and inserts a reverse shell payload. After clicking Save Changes, the attacker browses to http://host/4images/categories.php?cat_id=1 and a reverse shell is established.
This exploit allows an attacker to uninstall CrowdStrike Falcon AGENT 6.44.15806 without the need of an installation token. The exploit is based on CVE-2022-2841 and was modified by Deda Cloud Purple Team members to exploit a hotfixed release. The publication of CVE-2022-44721 is in progress.
AudioCodes Device Manager Express is vulnerable to multiple vulnerabilities such as SQL injection, path traversal, and remote command execution. An attacker can exploit these vulnerabilities to bypass authentication, upload arbitrary files, download arbitrary files, execute commands, and add backdoors.