SureMDM On-premise versions 6.31 and below allow an attacker to bypass CAPTCHA and enumerate users. By sending requests to the /ForgotPassword.aspx/ForgetPasswordRequest endpoint with a User ID, an attacker can check if the User ID exists without being blocked by the CAPTCHA mechanism. This vulnerability has been assigned CVE-2023-3897.
CSZ CMS Version 1.3.0 is vulnerable to remote command execution. An attacker can exploit this vulnerability to execute arbitrary commands on the target system. This vulnerability has been assigned CVE-ID: TBD.
Super Store Finder is a PHP script with a vulnerability that allows unauthenticated SQL Injection attacks. By injecting SQL commands into the USERNAME parameter in the index.php file, attackers can perform boolean-based blind, error-based, or time-based blind SQL injection.
The Lot Reservation Management System is a PHP/MySQLi project designed to assist in managing property reservations. The system allows clients to view property information and make reservations. However, it is vulnerable to an unauthenticated file disclosure issue.
The Simple Student Attendance System v1.0 is vulnerable to a Time Based Blind SQL Injection. An attacker can exploit this vulnerability by sending a crafted POST request with a malicious payload to the 'id' parameter in the delete_student function of the actions.class.php file. This allows the attacker to perform unauthorized SQL queries, potentially leading to data leakage or manipulation. This exploit has been tested using the sqlmap tool.
The Comments Like Dislike plugin for WordPress <= 1.2.0 allows unauthorized modification of data due to a missing capability check on the restore_settings function called through an AJAX action. Authenticated attackers with minimal permissions, such as subscribers, can reset the plugin's settings. The issue was only partially patched in version 1.2.0, making the nonce still accessible to subscriber-level users.
An attacker can send crafted HEX values to a specific GATT Characteristic handle on the Maxima Max Pro Power smartwatch to perform unauthorized actions like changing the Time display format, updating the Time, and changing notifications. Due to a lack of integrity checks, an attacker can sniff values on one smartwatch and replay them on another, leading to unauthorized actions.
A Stored Cross Site Scripting vulnerability in Petrol Pump Management Software v.1.0 allows attackers to execute malicious code by uploading a crafted payload to the 'Image' parameter in the 'profile.php' component. By uploading an 'xss.svg' file, an attacker can inject arbitrary scripts into the application.
The AC Repair and Services System v1.0 is vulnerable to SQL injection attacks due to improper input validation. An attacker can manipulate the SQL queries to execute arbitrary SQL commands, leading to unauthorized access to the database or data manipulation. This vulnerability has been demonstrated using the sqlmap tool to perform time-based blind SQL injection attacks.
The exploit code serves as a vulnerability checker and proof of concept for CVE-2023-36845. It triggers the phpinfo() function on the login page of the target device, enabling inspection of the PHP configuration. The script also provides the option to save the phpinfo() output for further analysis.