SysGauge 7.9.18 is vulnerable to Unquoted Service Path vulnerability. This vulnerability can be exploited by an attacker to gain elevated privileges on the system. The vulnerability exists due to the SysGauge Server service not properly quoting its path. An attacker can exploit this vulnerability by placing malicious files in the same directory as the service executable and then start the service.
Client Management System 1.1 is vulnerable to SQL Injection in the admin panel 'search invoices' field because of insufficient user supplied data sanitization. To exploit, an attacker can enter the payload ' OR 'x'='x' in the search field and all results are showed instead of none.
Client Management System 1.1 is vulnerable to stored cross site scripting because of insufficient user supplied data sanitization. To exploit this vulnerability, an attacker can enter a malicious payload in the user name field and click on Update. The payload will be stored in the database.
Brother BRPrint Auditor 3.0.7 is vulnerable to unquoted service path. An attacker can exploit this vulnerability by placing malicious files in the same directory as the vulnerable service and gain elevated privileges.
Tftpd64 4.64 is vulnerable to an unquoted service path vulnerability. This vulnerability allows an attacker to gain elevated privileges on the system by exploiting the service path. The vulnerability is caused by the service path not being properly quoted, allowing an attacker to inject malicious code into the service path.
Notex – the best notes is vulnerable to a DoS condition when a long list of characters is being used when creating a note. Successful exploitation will cause the application to stop working. I have been able to test this exploit against iOS 14.2.
Post-it is vulnerable to a DoS condition when a long list of characters is being used when creating a note. Successful exploitation will cause the application to stop working. The exploit has been tested against iOS 14.2.
Secure Notepad - Private Notes is vulnerable to a DoS condition when a long list of characters is being used when creating a note. Successful exploitation will cause the application to stop working. The exploit has been tested against iOS 14.2.
Unrestricted file upload in interface/super/manage_site_files.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via the images upload form and accessing it in the images directory.
First of all, an attacker should use the file upload section to upload a malicious shell containing the code <?PHP system($_GET['cmd']);?>. Then, the attacker should go to the content section, click Files and upload the malicious php file. Finally, the attacker should go to the URL of the malicious file with the command as a parameter (e.g. yourserver/textpattern/files/yourphp.php?cmd=yourcode). After the request is sent, the response will contain the output of the command.
Services By CQR