Explore Vulnerabilities

Explore all Exploits:

LG DVR LE6016D unauthenticated remote users/passwords disclosure exploit

This program demonstrates how an unpatched security bug would enable hackers to gain control of a vulnerable device while sitting behind their keyboard, potentially thousands of miles away. An unauthenticated attacker who is connected to the DVR may be able to retrieve the device's administrator password, allowing them to directly access the device's configuration control panel.

Magento Server MAGMI Plugin Local File Inclusion And Cross Site Scripting

The vulnerability exists due to insufficient sanitization of user-supplied input in the 'file' and 'profile' parameters of the 'ajax_pluginconf.php', 'magmi.php' and 'magmi_import_run.php' scripts. A remote attacker can execute arbitrary HTML and script code in a browser in the context of the vulnerable website. Successful exploitation of this vulnerability may allow an attacker to steal cookie-based authentication credentials and launch other attacks.

Shuttle Tech ADSL Modem-Router 915 WM Unauthenticated Remote DNS Change Exploit

The vulnerability exists in the web interface, which is accessible without authentication. Once the DNS settings are modified, systems use foreign DNS servers, which are usually set up by cybercriminals. Users with vulnerable systems or devices who try to access certain sites are instead redirected to possibly malicious sites. Modifying systems' DNS settings allows cybercriminals to perform malicious activities like steering unknowing users to bad sites, replacing ads on legitimate sites, controlling and redirecting network traffic, and pushing additional malware.

K7 Computing Multiple Products Arbitrary Write Privilege Escalation

Multiple K7 Computing products are prone to a privilege-escalation vulnerability. This issue is due to a design error in the application when handling certain IOCTLs. An attacker can exploit this issue to gain elevated privileges on the affected computer.

Hewlett-Packard UCMDB – JMX-Console Authentication Bypass

A vulnerability in Hewlett-Packard Universal CMDB (UCMDB) allows an attacker to bypass authentication and gain access to the JMX-Console. This vulnerability affects UCMDB 10.10; other versions might also be affected. The vulnerability is remotely exploitable and has a high impact.

Sefrengo CMS v1.6.1 – Multiple SQL Injection Vulnerabilities

Sefrengo CMS v1.6.1 contains multiple SQL injection vulnerabilities. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP POST request to the vulnerable file /backend/external/phplib/ct_sql.inc, with the vulnerable parameter $id. This will allow the attacker to execute arbitrary SQL commands on the underlying database.

Symantec Altiris Agent Arbitrary Write Privilege Escalation

A vulnerability in Symantec Altiris Agent allows an attacker to escalate privileges through an arbitrary write. The vulnerability is due to the driver not being signed and having no file version, product version or product name set. The driver appears to have one main task: retrieving configuration information about the hardware using the HalGetBusData function. If it cannot retrieve configuration information, it sends the 'ScottWroteThis!' string to the output buffer. This string was posted online in 2006.

HP-Data-Protector-8.x Remote command execution

HP Data Protector 8.x is vulnerable to remote command execution. An attacker can send a specially crafted packet to the Data Protector service on port 5555/tcp and execute arbitrary commands with root privileges. This vulnerability was discovered by Juttikhun Khamchaiyaphum and was assigned CVE-2014-2623.

Recent Exploits: