Explore all Exploits:

Multiple persistent XSS in Openfiler

Multiple Persistent Cross Site Scripting vulnerabilities were discovered in Openfiler. An attacker can inject malicious JavaScript code into the NAC name field or the Logical Volume description field, which will be reflected in the application. This can be used to steal cookies and other sensitive information from the user's browser.

Arbitrary Code Execution in Openfiler

Openfiler is a network storage operating system. With the features we built into Openfiler, you can take advantage of file-based Network Attached Storage and block-based Storage Area Networking functionality in a single cohesive framework. An arbitrary code execution vulnerability exists in Openfiler, which allows an attacker to execute arbitrary code on the vulnerable system. This is achieved by logging into the Openfiler dashboard, navigating to the system tab, and entering a shell command using the backticks ` `. The code will then be reflected in the hostname value space.

Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)

A kernel pool overflow in Win32k which allows local privilege escalation. The kernel shellcode nulls the ACL for the winlogon.exe process (a SYSTEM process). This allows any unprivileged process to freely migrate to winlogon.exe, achieving privilege escalation. Used in Pwn2Own 2013 by MWR to break out of Chrome's sandbox.

Team Helpdesk Customer Web Service (CWS) Remote User Credential Dump exploit & Team Helpdesk Technician Web Access (TWA) Remote User Credential Dump exploit

This exploit allows an attacker to dump user credentials from Team Helpdesk Customer Web Service (CWS) and Team Helpdesk Technician Web Access (TWA). The attacker can use the user_cred_dump_cws.py and user_cred_dump_twa.py scripts to dump the credentials and decrypt_cws.py and decrypt_twa.py scripts to decrypt the encrypted passwords. The exploit was tested on Windows 2008 R2.

Seagate BlackArmor NAS Multiple Vulnerabilities

The Seagate BlackArmor NAS devices contain multiple vulnerabilities, including a backdoor user with hardcoded credentials in backupmgt/pre_connect_check.php and remote code execution vulnerabilities in localJob.php and pre_connect_check.php. The vendor has decided to ignore any messages regarding these vulnerabilities.

AlienVault OSSIM SQL Injection and Remote Code Execution

This module exploits an unauthenticated SQL injection vulnerability affecting AlienVault OSSIM versions 4.3.1 and lower. The SQL injection issue can be abused in order to retrieve an active admin session ID. If an administrator level user is identified, remote code execution can be gained by creating a high priority policy with an action containing our payload.

Stored XSS Vulnerability in NETGEAR DGN2200 Web interface

The NETGEAR DGN2200 ADSL router web interface suffers from a persistent XSS vulnerability in the QoS (Quality of Service) Administration page under 'Expert Mode'. Steps to reproduce: log in to the router web interface, enter expert mode, navigate to the QoS page, add a QoS rule or edit an existing one, in 'QoS Policy for:' enter the following: <script>alert('XSS')</script> and click apply, then go to another page and navigate back into QoS - the XSS error pops up.

Beetel 450TC2 Router Admin Password Cross Site Request Forgery Vulnerability

The Beetel 450TC2 Router is vulnerable to cross-site request forgery in the change password page. An attacker can exploit this vulnerability by sending a malicious POST request to the Forms/tools_admin_1 page with the new password in the request body. This will allow the attacker to change the router's admin password without authentication.

Adobe Flash Player Type Confusion Remote Code Execution

This module exploits a type confusion vulnerability found in the ActiveX component of Adobe Flash Player. This vulnerability was found exploited in the wild in November 2013. This module has been tested successfully on IE 6 to IE 10 with Flash 11.7, 11.8 and 11.9 prior to 11.9.900.170 over Windows XP SP3 and Windows 7 SP1.

NULL NUKE CMS v2.2 Multiple Vulnerabilities

NULL NUKE CMS suffers from multiple remote vulnerabilities including Stored/Reflected XSS, SQL Injection, Arbitrary File Upload, RCE, Arbitrary File Deletion, Arbitrary File Access using absolute path and/or traversal, Open Redirection, Parameter Traversal, and Cross-Site Request Forgery.
