
Explore Vulnerabilities


Explore all Exploits:

Blind SQL injection in ManageEngine Desktop Central, Password Manager Pro and IT360 (including MSP versions)

ManageEngine Desktop Central, Password Manager Pro and IT360 (including MSP versions) are vulnerable to blind SQL injection in the MetadataServlet.dat servlet. The vulnerability is caused by a lack of input validation of the 'sv' parameter. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

WP Content Source Control Plugin Directory Traversal Vulnerability

WP Content Source Control plugin for WordPress is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks.

FB Gorilla plugin for WordPress SQL-injection Vulnerability

FB Gorilla plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

GB Gallery Slideshow Plugin for WordPress SQL Injection Vulnerability

The GB Gallery Slideshow plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. The exploit is performed with sqlmap, using a POST request with the parameter 'selected_group' and a payload of 'action=gb_ajax_get_group&gb_nonce=5356513fbe&selected_group=2 AND SLEEP(5)'.

WordPress HDW Player Plugin SQL Injection Vulnerability

The WordPress HDW Player plugin (Video Player & Video Gallery) is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

WordPress Spreadsheet Plugin SQL Injection Vulnerability

The WordPress Spreadsheet plugin (wpSS) is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Barracuda Web Application Firewall Authentication Bypass Vulnerability

Barracuda Web Application Firewall is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism and gain access to the appliance. This may aid in further attacks.

CMSimple Multiple Security Vulnerabilities

CMSimple is prone to multiple security vulnerabilities, including arbitrary PHP code-execution vulnerabilities, a weak authentication security-bypass vulnerability, and other security vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions, perform unauthorized actions, and execute arbitrary script code in the context of the affected application. This may aid in further attacks. Additionally, any user can log in to the CMSimple website with the default password 'test' and no username.

WhyDoWork AdSense Plugin Cross-Site Scripting and Cross-Site Request-Forgery Vulnerabilities

WhyDoWork AdSense plugin for WordPress is prone to a cross-site scripting vulnerability and a cross-site request-forgery vulnerability. An attacker may exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, or perform unauthorized actions. Other attacks may also be possible.

Recent Exploits: