Froxlor 2.0.3 Stable is vulnerable to Remote Code Execution (RCE). An attacker can exploit this vulnerability by sending a malicious payload to the vulnerable endpoint. This payload will be executed on the server and can be used to gain access to the server. The vulnerability is due to the lack of proper input validation and authentication.
A denial of service vulnerability exists in Apache Tomcat 10.1. The vulnerability is due to improper handling of requests in the cluster service. An attacker can exploit it by sending a specially crafted request to the cluster service. Successful exploitation could allow the attacker to cause a denial of service condition.
ImageMagick is affected by an arbitrary file read vulnerability. This vulnerability allows an attacker to read any file on the system, including sensitive files such as /etc/passwd. The vulnerability is due to a lack of input validation when processing the '-read' option. An attacker can exploit this vulnerability by sending a specially crafted request to the ImageMagick server. The vulnerability affects versions 7.1.0-49 and 6.9.11-60 of ImageMagick. The prerequisite for exploiting this vulnerability is Rust.
CKSource CKEditor5 35.4.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Full Featured CKEditor5 Widget, as the editor fails to sanitize user-provided data. An attacker can execute arbitrary script in the browser in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Answerdev 1.0.3 is affected by an account takeover vulnerability. An attacker can exploit this vulnerability by sending a malicious request to the application's API endpoint to reset the password of a user. This allows the attacker to gain access to the user's account.
ImageMagick 7.1.0-49 is vulnerable to denial of service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input. An attacker can easily send a malicious PNG file to the victim, and when the victim opens it, the program crashes.
A stored cross-site scripting (XSS) vulnerability was found in ERPNext 12.29. The 'last_known_version' field on the 'My Setting' page in ERPNext 12.29.0 allows remote attackers to inject arbitrary web script or HTML via a crafted site name: an authenticated HTTP POST request to '/desk#Form/User/(Authenticated User)' injects the script into the 'last_known_version' field, and the script can then be viewed by clicking the 'pdf' view form.
BTCPay Server v1.7.4 contains an HTML injection vulnerability. An attacker can inject malicious HTML code into the label field of the API key, which will be rendered when the API key is deleted.
A SQL injection vulnerability in itech TrainSmart r1044 allows remote attackers to view sensitive information via a crafted command using sqlmap.
This exploit is a proof-of-concept for sending SIGHUP as root utilizing GNU screen configured as setuid root. It works by connecting to the socket of a GNU screen instance and sending a query with a command to send SIGHUP to a specified process. The exploit is written in Python and requires the target to have GNU screen installed and configured as setuid root.