Adt parameter is vulnerable to XSS, Path traversal vulnerability can be exploited by accessing the URL with '../' and Blind SQL injection can be exploited by sending a malicious payload in the POST request.
CloverDX 5.9.0 is vulnerable to Cross-Site Request Forgery (CSRF) to Remote Code Execution (RCE). An attacker can exploit this vulnerability by sending a malicious request to the target server. The attacker can use the ViewStateCracker.java to crack the ViewState and gain access to the target server. This vulnerability affects versions 5.9.0, 5.8.1, 5.8.0, 5.7.0, 5.6.x, 5.5.x, 5.4.x.
In Care2x < 2.7 Alpha, remote attackers can gain access to the database by exploiting a SQL Injection vulnerability via the 'pday', 'pmonth', 'pyear' parameters. The vulnerability is found in the 'pday', 'pmonth', 'pyear' parameters in GET request sent to page 'nursing-station.php'. An attacker can exploit this vulnerability to access private data in the database system.
The weakness is caused due to the login script and how it verifies provided credentials. Attacker can use this weakness to enumerate valid users on the affected application via 'ctl00$MainContent$UserName' POST parameter.
The application suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks.
A backdoor was found in a Denver SHO-110 IP Camera. The backdoor located in the camera's second http service, allows the attacker to get a snapshot through `/snapshot` endpoint without authentication.
The POST body parameter editOEN is vulnerable to blind SQL injection. Any user can inject custom SQL commands into the “Student Busing Information” search queries. An exploit is not necessary to take advantage of this vulnerability.
A backdoor was found in a Denver SHC-150 Smart Wifi Camera. The backdoor is a factory telnet credential - 'default'. An attacker can open a telnet connection with the camera on port 23 and enter 'default' to gain access to a Linux shell and execute commands on OS level through telnet.
This exploit allows an attacker to bypass authentication and gain remote code execution on the Event Registration System with QR Code 1.0 software. The exploit works by sending a specially crafted POST request to the login.php page with a username of 'admin'# and a blank password. This bypasses authentication and allows the attacker to upload a malicious PHP file to the upload.php page. The attacker can then send a GET request to the uploaded file with a parameter of 'cmd' to execute arbitrary code on the server.
Customer relationship management system is vulnerable to Sql Injection Auth Bypass. Exploit Working: Visit on localhostcrm/customer/login.php, You will see the login panel, use this payload ( '=' 'or' ) in username and click on signin you will login into the admin account.
Services By CQR