The `$notice_id` variable is not properly sanitized in `classes/mono_display.class.php`, which allows authenticated users to execute arbitrary SQL commands via the `id` parameter.
A SQL injection vulnerability has been discovered in the official PHPLIST v3.0.6 & v3.0.10 open source web application. The vulnerability is located in the `list` value of the `/lists/` module. Remote attackers are able to inject their own SQL commands through the vulnerable value to compromise the application DBMS.
A SQL injection vulnerability has been discovered in the official Pimcore v3.0 & v2.3.0 Content Management System (web application). The vulnerability is located in the `/pimcore/modules/install/controllers/IndexController.php` file. Remote attackers are able to inject and execute their own SQL commands to compromise the affected application DBMS. The request method to inject is POST and the attack vector is located on the `/install/` directory.
Lazarus is a free guestbook script written in PHP that uses your MySQL database for storage and is based upon the excellent Advanced Guestbook script from Proxy2. Multiple cross-site scripting vulnerabilities exist in multiple boxes in the platform, allowing an attacker to inject malicious code into the application. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
Authenticated administrative users can download arbitrary files from the Access Manager administration interface as the user 'novlwww'. The download functionality is vulnerable to XML External Entity (XXE) injection attacks: an attacker can inject malicious XML code into the download request and gain access to arbitrary files on the server. The Access Manager administration interface is vulnerable to Cross-Site Request Forgery (CSRF) attacks: an attacker can perform administrative actions on the Access Manager without the knowledge of the administrator. The administration interface is also vulnerable to Cross-Site Scripting (XSS) attacks: an attacker can inject malicious JavaScript code into the administration interface and gain access to the session of an administrative user. Finally, the administration interface discloses the full path of the application.
SysAid Server is vulnerable to an unauthenticated file disclosure attack that allows an anonymous attacker to read arbitrary files on the system. An attacker exploiting this issue can compromise SysAid user accounts and gain access to important system files. When SysAid is configured to use LDAP authentication, it is possible to gain read access to the entire Active Directory or obtain domain admin privileges.
phpMyRecipes is a simple application for storing and retrieving recipes. It uses a web-based interface, for ease of use across any system, and a MySQL database backend for storing the recipes. The SQL injection vulnerability arises because the `category` parameter in browse.php is passed to the function GetCategoryNameByID without any data filtering. The proof of concept is to set the value of the category parameter to 1 and add an error-based SQL injection payload to the URL.
BitRaider contains a flaw that leads to unauthorized privileges being gained. The issue is due to the program granting improper permissions with the 'F' flag for the 'Users' group, which makes the entire 'BitRaider' directory and its subdirectories and files world-writable. This may allow a local attacker to replace an executable file with another binary file and gain elevated privileges.
Notepad++ is a free (as in "free speech" and also as in "free beer") source code editor and Notepad replacement that supports several languages. Running in the MS Windows environment, its use is governed by GPL License. Based on the powerful editing component Scintilla, Notepad++ is written in C++ and uses pure Win32 API and STL which ensures a higher execution speed and smaller program size. By optimizing as many routines as possible without losing user friendliness, Notepad++ is trying to reduce the world carbon dioxide emissions. When using less CPU power, the PC can throttle down and reduce power consumption, resulting in a greener environment. Proof of concept: http://i.imgur.com/TTDtxJM.jpg
This module exploits a local file inclusion vulnerability in the Lotus Mail Encryption Server (Protector for Mail Encryption) administration setup interface. The index.php file uses an unsafe include() where an unauthenticated remote user may read (traversal) arbitrary file contents. By abusing a second bug within Lotus, we can inject our payload into a known location and call it via the LFI to gain remote code execution. Version 2.1.0.1 Build(88.3.0.1.4323) is known to be vulnerable. You may need to set DATE in the format YYYY-MM-DD to get this working where the remote host and the Metasploit instance have UTC timezone differences.