Vehicle Service Management System 1.0 is vulnerable to Remote Code Execution (RCE) due to an authentication bypass vulnerability. An attacker can exploit this vulnerability by sending a malicious request to the server with a crafted payload. This will allow the attacker to execute arbitrary code on the server.
Phpwcms 1.9.30 is vulnerable to an arbitrary file upload vulnerability. An attacker can upload a malicious SVG file containing a malicious JavaScript payload, which can be used to execute arbitrary code on the server. The attacker needs to login to the system and create a payload with SVG extension. Then, the attacker needs to go to the file upload page and upload the malicious SVG file. After uploading the payload, the attacker can call it from the link provided.
Password input is affected with authentication bypass because of improper sanitisation which lead to access to auauthorised accounts.
The MiniorangeSAML Drupal Plugin v. 8.x-2.22 is vulnerable to XML Signature Wrapping Attacks that could allows an attacker to perform privilege escalation attacks. In order to exploit the vulnerability, the plugin must be configured with the 'Either SAML reponse or SAML assertion must be signed' options enabled and an empty 'x509 certificate'. An attacker can register a normal user on the website, perform a login, intercept the request with Burp Suite and decode the SAMLResponse parameter, inject an additional <Saml:Assertion> object before the original one and send the modified request. The user will be logged in as an administrator.
An attacker can bypass authentication by sending a specially crafted HTTP POST request to the application. The request contains a username and password parameter with a value of ' OR 1 -- -. This will cause the application to bypass authentication and allow the attacker to gain access to the application.
Pharmacy Point of Sale System v1.0 is vulnerable to multiple SQL injection attacks. An attacker can exploit this vulnerability by sending malicious requests to the application. For example, sending a request to view_product.php with an id parameter set to -1' will result in a SQL injection attack. Other vulnerable parameters include date_from, date_to, page, expiry_date, product_id, quantity, supplier_id, view_only, and id. An attacker can also exploit the save_stock action in Actions.php by sending a malicious POST request.
A vulnerability in Cmsimple 5.4 allows an authenticated user to execute arbitrary code on the target system. This is achieved by sending a crafted POST request to the target system with a malicious payload. The payload is then executed on the target system.
An attacker can bypass the authentication of Cyber Cafe Management System (CCMS) 1.0 by sending a specially crafted HTTP POST request with a username of ' OR 1 -- - and a password of ccms. This will allow the attacker to gain access to the admin panel without valid credentials.
Pet Shop Management System 1.0 is vulnerable to Remote Code Execution (RCE) due to improper validation of user-supplied input. An attacker can exploit this vulnerability by uploading a malicious file to the server via the 'images' parameter in the 'add_petmanagement.php' controller. This can be used to execute arbitrary code on the server.
OpenSIS Community Edition version 8.0 is affected by a cross-site scripting (XSS) vulnerability in the TakeAttendance.php via the cp_id_miss_attn parameter. An attacker can exploit this vulnerability by sending a maliciously crafted request to the vulnerable application. This will allow the attacker to execute arbitrary HTML and JavaScript code in the context of the affected application.
Services By CQR