An authenticated user can inject malicious JavaScript code in the title field of a new story, leading to stored cross-site scripting (XSS) vulnerability. This allows the attacker to execute arbitrary code in the context of the affected website's users.
Users can share cells or folders with other users on the same Pydio instance. The web application allows to either select an already existing user from a list or to create a new user by entering a new username and password. When creating a new user, a HTTP PUT request is sent containing the username, password, and an empty list for the key "Roles". This vulnerability allows an attacker to assign unauthorized roles to a user.
By injecting a malicious payload into the 'from' parameter of a specific URL, an attacker can trigger a cross-site scripting vulnerability in eScan Management Console version 14.0.1400.2281. This allows the attacker to execute arbitrary code in the context of the user's browser, potentially leading to session hijacking and account takeover.
During testing, it was found that the system32 subdirectory was missing a DLL library with the name wow64log.dll that had been required by the hubstaff's setup file during installation. Hence, using Metasploit's msfvenom to create a new wow64log.dll file, Tester was able to get a reverse shell locally.
This exploit allows an attacker to gain privileged rights (e.g. root) on a macOS system running HospitalRun version 1.0.0-beta. By running a local TCP listener and executing the exploit, the attacker can execute commands and escalate their privileges.
The value of manual insertion 'point 3' is copied into the HTML document as plain text between tags. The payload udz21<script>alert(1)</script>rk346 was submitted in manual insertion point 3. This input was echoed unmodified in the application's response. The attacker can trick the already logged-in user, to visit the exploit link that this attacker is created, and if this already logged-in user is not actually IT or admin, this will be the end of this system.
If an attacker had already compromised the system and the current user has the privileges to write in the : C:Program Files (x86) "C:Program Files (x86)Personify" "C:Program Files (x86)PersonifyChromaCam" "C:Program Files (x86)PersonifyChromaCam64" folder or in "C:"
This exploit allows an authenticated attacker to execute arbitrary code on a Bludit version 3-14-1 website. The attacker needs to follow the steps provided in the proof of concept section to upload a malicious zip file containing a webshell.
A vulnerability in Newsletter Software SuperMailer v11.20 could allow an attacker to cause a process crash resulting in a Denial of Service (DoS) condition for the application on an affected system. The vulnerability exists due to insufficient validation of certain elements with a configuration file malformed. An attacker could exploit this vulnerability by sending a user a malicious SMB (configuration file) file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to cause the application to crash when trying to load the malicious file.
CRLF injection vulnerability in ManageEngine Desktop Central 9.1.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the fileName parameter in a /STATE_ID/1613157927228/InvSWMetering.csv.