Explore Vulnerabilities

Explore all Exploits:

Sysax Multi Server <= 5.52 File Rename BoF RCE (Egghunter)

This exploit allows remote code execution through a buffer overflow vulnerability in Sysax Multi Server version 5.52 and below. It utilizes an egghunter technique to bypass DEP (Data Execution Prevention). The vulnerability was discovered by Craig Freyman (@cd1zz) and detailed information can be found at http://www.pwnag3.com/2012/02/sysax-multi-server-552-file-rename.html.

PeerBlock 1.1 BSOD

The PoC (Proof of Concept) allows an attacker to create a blue screen of death (BSOD) on systems running PeerBlock 1.1. The vulnerability is caused by a buffer overflow in the pbfilter.sys driver. By sending a specially crafted IOCTL request to the driver, an attacker can trigger the buffer overflow and crash the system, resulting in a BSOD. The vulnerability has been tested on Microsoft Windows XP Professional SP3.

Ananta Gazelle CMS – Update Statement Sql injection

This SQL injection vulnerability allows an attacker to update the username and password of the admin user in Ananta Gazelle CMS. The vulnerability is present in the 'forgot.php' page, where the user can submit a form to set a new activation key for their account. The vulnerable code does not properly sanitize the user input, allowing the attacker to modify the SQL query and set arbitrary values for the admin username and password. The vulnerability can be exploited by sending a specially crafted POST request to the 'forgot.php' page with the desired values for the username and password. The exploit changes the username to '1' and the password to '1' by copying the value of a default column in the 'users' table. This allows the attacker to gain administrative access to the CMS.

Achievo v1.4.3 – Multiple Web Vulnerabilities

Multiple persistent cross-site scripting vulnerabilities and a blind SQL injection vulnerability were detected in the resource management tool Achievo v1.4.3. The bugs allow a remote attacker to inject malicious script code on the application side and/or to execute SQL commands via a remote SQL injection attack. Successful exploitation allows an attacker to manipulate specific modules and can lead to session hijacking (user/mod/admin) and/or compromise of the application and DBMS.

Icona SpA C6 Messenger DownloaderActiveX Control Arbitrary File Download and Execute

This module exploits a vulnerability in Icona SpA C6 Messenger 1.0.0.1. The vulnerability is in the DownloaderActiveX Control (DownloaderActiveX.ocx). The insecure control can be abused to download and execute arbitrary files in the context of the currently logged-on user.

Recent Exploits: