The `EID` parameter (manual insertion point 1) appears to be vulnerable to SQL injection attacks. Exploitation requires no cookies, no admin authentication, etc. An attacker can easily steal information from this system by using this vulnerability.
A vulnerability in flatnux 2021-03.25 allows an authenticated user to execute arbitrary code by uploading a malicious file via the filemanager.php page. The vulnerability exists due to insufficient validation of user-supplied input. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious code to the vulnerable application. Successful exploitation of this vulnerability could result in remote code execution.
During a recent engagement, a network camera was discovered. Web fuzzing revealed a URL of /device containing output about running processes as well as a pretty complete listing of web content, which inevitably aroused our suspicion. More research revealed that files with known LFI and RCE issues were present, leading to either arbitrary file reads or remote code execution, both with root privileges and using known default credentials (either admin:admin or manufacture:erutcafunam). After closer filesystem inspection, RCE led to a remote root SSH shell.
Versions of the package pdfkit from 0.0.0 are vulnerable to command injection where the URL is not properly sanitized.
A reflected XSS was found in the `order` parameter of the process_order.php page. Authenticated reflected cross-site scripting (XSS) is a serious vulnerability that can have a significant impact on the security of a web application and its users. The risk of authenticated reflected XSS is similar to that of reflected XSS, but with the added condition that the attacker must first gain access to a valid user account in order to exploit the vulnerability. The main risk associated with authenticated reflected XSS is that it can allow an attacker to steal sensitive information or take control of a user's account on a web application. This can include login credentials, financial information, personal information, and more.
The Music Gallery site has public pages for its music library. Whenever someone clicks the play button on any music, a popup appears on the page and the URL of the page looks like this: `php-music/classes/Master.php?f=get_music_details&id=*`. The `id` parameter is vulnerable to SQL injection. An attacker can inject malicious SQL queries into the parameter and gain access to the database.
The Music Gallery site has public pages for its music library. Whenever someone clicks the info button on any music, a popup appears on the page view_music_details.php. This page is vulnerable to SQL injection.
The Music Gallery site has public pages for its music library. On the music list, there is an SQL injection in the feature that filters the music list by category. The attacker can use this vulnerability to bypass the security measures put in place by the application, allowing them to access or modify sensitive data, or even take control of the entire system.
The employee task management system supports two user roles: admin and normal employee. On this page, the task_id parameter is vulnerable to SQL injection. An attacker can inject malicious SQL queries into the vulnerable parameter and gain access to the database.
The vulnerability exists in the task-details.php page, where the task_id parameter is vulnerable to SQL injection. An attacker can inject malicious SQL code into the task_id parameter and execute it on the database, allowing them to access or modify sensitive data, or even take control of the entire system.