A vulnerability in phpMyFAQ v3.2.10 allows a privileged attacker to initiate a file download on a victim's system by embedding it in an <iframe> element without user interaction. By uploading a malicious attachment and linking it through an iframe in a FAQ record, the attacker can trigger automated downloads on the victim's machine.
A reflected cross-site scripting (XSS) vulnerability in Elaine's Realtime CRM Automation version 6.18.17 and below allows malicious users to run arbitrary JavaScript code in a victim's web browser by inserting a specially crafted payload into the dialog parameter at wrapper_dialog.php.
The Microsoft Windows XRM-MS file type, associated with software licensing, allows adversaries to inject XML stylesheets pointing to LAN network shares or attacker-controlled infrastructure. This leads to outbound connections leaking the target's NTLM hash. The exploit works through LAN network shares or remote drive-by downloads, requiring user interaction to open the file. The xrm-ms file type bypasses some security measures and appears trust-worthy as it defaults to opening in Internet Explorer or Edge on Windows systems.
A vulnerability exists in the 'secret_key' XML tag in Microchip TimeProvider 4100's configuration file, allowing remote code execution. By injecting a malicious payload into the configuration file and triggering it during login, an attacker can execute arbitrary OS commands remotely.
The Microsoft library-ms file format was found to have an NTLM hash disclosure vulnerability, where sensitive information could be exposed. Initially considered not severe by MSRC in 2018, it was later acknowledged by Microsoft and assigned CVE-2025-24054 in 2025. This vulnerability allows remote attackers to access sensitive information.
Casdoor version 1.901.0 and below has a Cross-Site Request Forgery (CSRF) vulnerability in the /api/set-password endpoint. This vulnerability allows attackers to change a victim user's password through a maliciously crafted URL.
The ABB Cylon Aspect version 3.08.01 allows an unauthenticated attacker to delete files with web server permissions through directory traversal sequences in the 'file' parameter of 'databasefiledelete.php'. This vulnerability could be exploited to delete critical files.
CVE-2018-1207 is a vulnerability that allows unauthenticated file upload and subsequent library execution on the HTTPS web interface of Dell EMC iDRAC7 and iDRAC8 versions before 2.52.52.52. An attacker can exploit this to add a web user for remote admin access.
The Watcharr version 1.43.0 and below is vulnerable to Remote Code Execution (RCE) which allows an attacker to execute arbitrary code on the target system. CVE-2024-48827 was identified and exploited by Suphawith Phusanbai.
An unauthenticated SQL Injection vulnerability is found in LearnPress WordPress Plugin versions up to 4.2.7. This flaw exists in the c_only_fields parameter of the LearnPress API endpoint, allowing attackers to execute malicious SQL commands through API requests without authentication. Successful exploitation could result in unauthorized database access, potential exposure of sensitive data, or even granting administrative control through database manipulation.
Services By CQR