The URL path folder `3` appears to be vulnerable to XPath injection attacks. The test payload 50539478' or 4591=4591-- was submitted in the URL path folder `3`, and an XPath error message was returned. The attacker can flood with requests the system by using this vulnerability to untilted he receives the actual paths of the all content of this system which content is stored on some internal or external server.
We discovered the web server of the Virtual Reception appliance is prone to an unauthenticated directory traversal vulnerability. This allows an attacker to traverse outside the server root directory by specifying files at the end of a URL request. This is a NUC5i5RY. A user called 'receptie' exists on the Windows system. The appliance also keeps a log of the visitors that register at the entrance.
Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers. A vulnerability in Covenant allows an attacker to execute arbitrary code on the target machine. This exploit is based on a vulnerability discovered by coastal in July 2020. It allows an attacker to craft a malicious JWT token and send it to the Covenant API in order to execute arbitrary code on the target machine.
The value of the eMail request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The attacker can trick the users of this system, very easy to visit a very dangerous link from anywhere, and then the game will over for these customers. Also, the attacker can create a network from botnet computers by using this vulnerability.
Boa Web Server Versions from 0.94.13 - 0.94.14 fail to validate the correct security constraint on the HEAD http method allowing everyone to bypass the Basic Authorization Mechanism.
When specific http methods are listed within a security constraint, then only those methods are protected. Router ZTE-H108NS defines the following http methods: GET, POST, and HEAD. HEAD method seems to fall under a flawed operation which allows the HEAD to be implemented correctly with every Response Status Code. Below request bypasses successfully the Basic Authentication, and grants access to the Administration Panel of the Router.
A stack buffer overflow vulnerability exists in ZTE-H108NS router. An attacker can send a specially crafted HTTP request to the router to cause a denial of service condition. The vulnerable router is running firmware version H108NSV1.0.7u_ZRD_GR2_A68.
myBB forums 1.8.26 is vulnerable to stored cross-site scripting (XSS) attacks. An attacker can inject malicious JavaScript code into the application by entering a specially crafted payload into the 'Add New Template' or 'Add New Forum' forms. The malicious code is then stored in the application and executed when a user views the affected page.
The name of an arbitrarily supplied URL parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The attacker can trick users to open a very dangerous link or he can get sensitive information, also he can destroy some components of your system.
Dreamer CMS v4.0.0 is vulnerable to SQL Injection. An attacker can send a specially crafted HTTP POST request with malicious SQL statements to the vulnerable search/doSearch script. This can allow the attacker to extract information from the database, modify data, or potentially execute arbitrary code.
Services By CQR