An SQL injection vulnerability was discovered in webERP version 4.11.3. An attacker can send a specially crafted HTTP POST request to the SalesInquiry.php script carrying malicious SQL in the 'DebtorNameOp' parameter. Successful exploitation allows the attacker to execute arbitrary SQL commands on the underlying database.
VideoWhisper Live Streaming Integration does not properly verify the extension of uploaded files before storing them on the server via "/wp-content/plugins/videowhisper-live-streaming-integration/ls/vw_snapshots.php". A remote attacker can upload an arbitrary PHP file and execute it on the target system.
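The check that is missing in the entry above, as an added example rather than the plugin's own code: an allow-list on the stored file name combined with a magic-byte check on the content. The allowed extensions, the magic bytes, the base-name pattern and the sample file names are assumptions for illustration.

```python
"""Allow-list validation of an uploaded file name and its content type.

Added example for the VideoWhisper entry above; it is not the plugin's code. The
allowed extensions, magic bytes and file names are assumptions for illustration.
"""
import re
from typing import Optional

ALLOWED_IMAGE_EXT = {"jpg", "jpeg", "png", "gif"}
# Leading bytes of the formats we accept; a PHP payload named snap.jpg fails this check.
MAGIC = {
    "jpg": b"\xff\xd8\xff",
    "jpeg": b"\xff\xd8\xff",
    "png": b"\x89PNG\r\n\x1a\n",
    "gif": b"GIF8",
}
SAFE_BASENAME = re.compile(r"^[A-Za-z0-9_-]{1,64}$")


def safe_upload_name(filename: str) -> Optional[str]:
    """Return a normalised 'base.ext' to store under, or None if the name must be rejected."""
    # Drop any directory component the client sent (either separator style).
    name = filename.replace("\\", "/").rsplit("/", 1)[-1]
    # A NUL byte can truncate the name in C-based paths ("snap.php\x00.jpg"); never accept one.
    if "\x00" in name:
        return None
    parts = name.split(".")
    # Exactly one dot: rejects "snap.php.jpg", "snap.php.", ".htaccess" and dotless names.
    if len(parts) != 2:
        return None
    base, ext = parts
    ext = ext.lower()  # "snap.pHp" and "snap.JPG" are compared case-insensitively
    if not SAFE_BASENAME.match(base) or ext not in ALLOWED_IMAGE_EXT:
        return None
    return f"{base}.{ext}"


def accept_upload(filename: str, data: bytes) -> Optional[str]:
    """Name and content must both look like an allowed image; otherwise reject."""
    stored = safe_upload_name(filename)
    if stored is None:
        return None
    ext = stored.rsplit(".", 1)[1]
    if not data.startswith(MAGIC[ext]):
        return None
    return stored


if __name__ == "__main__":
    print(accept_upload("snap.php", b"<?php system($_GET['c']); ?>"))   # None
    print(accept_upload("../snap.JPG", b"\xff\xd8\xff\xe0" + b"\x00" * 16))  # snap.jpg
```

The magic-byte check is not a substitute for storing uploads under a server-generated name in a directory where the web server will not execute scripts: a well-formed GIF can still carry PHP in its body if the server is ever persuaded to run it as PHP.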
SEC Consult identified a privilege escalation vulnerability in the MICROSENS Web Manager in the course of a very limited infrastructure audit. The Web Manager can be used with read-only permission to check the configuration of the device (e.g. VLANs, port status), and with read and write permission to configure the device. Using the identified vulnerability, a low-privileged user with read-only permission can elevate their privileges to read and write. The login attempt is checked by a CGI binary, but the binary's response is validated on the client side via JavaScript. An attacker can manipulate the response of the CGI binary and bypass the client-side validation.
Webuzo 2.1.3 has been identified with multiple security vulnerabilities that can be exploited to perform remote OS command injection, execute malicious script code and enumerate users. Authentication is not required to exploit these issues.
GoldMP4Player is vulnerable to a stack-based buffer overflow when a maliciously crafted .swf file is opened via File -> Open Flash URL. The vulnerability is caused by a boundary error when handling the URL parameter. This may allow a remote attacker to execute arbitrary code in the context of the application.
An SQL injection vulnerability exists in PHP Ticket System BETA_1.zip, which allows an attacker to inject malicious SQL via the 'id' parameter of the 'get_all_created_by_user.php' script.
Multiple vulnerabilities exist in PHP-CMDB version 0.7.3, including XSS and SQL injection. An attacker can exploit these vulnerabilities by sending a maliciously crafted request to the vulnerable application. The XSS payload is sent in the 's_text', 'ci_icon', 's_cit_id', 's_cat_id', 's_compare_operator', 'u_login', 'u_last_name', 'u_first_name' and 'u_password_confirm' parameters, while the SQL injection payload is sent in the 's_text' and 'u_login' parameters.
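The webERP, PHP Ticket System and PHP-CMDB entries above all describe the same defect: a request parameter spliced into SQL text. The following added example is not code from any of those projects; it uses an in-memory SQLite table with constructed rows, column names and payloads to show what the vulnerable pattern returns and why a bound parameter (or, for numeric parameters such as 'id', a type check) leaves the same payload inert.

```python
"""Why the injected parameter works, and why binding it does not.

Added example for the webERP, PHP Ticket System and PHP-CMDB entries above; it is not
code from any of those projects. The table, rows, column names and payloads are
constructed for illustration only.
"""
import sqlite3


def build_db() -> sqlite3.Connection:
    """In-memory table standing in for a tickets table (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE tickets (id INTEGER PRIMARY KEY, created_by TEXT, subject TEXT);
        INSERT INTO tickets VALUES (1, 'alice', 'printer broken');
        INSERT INTO tickets VALUES (2, 'bob', 'vpn down');
        INSERT INTO tickets VALUES (3, 'bob', 'password reset');
        """
    )
    return conn


def tickets_vulnerable(conn: sqlite3.Connection, user: str) -> list:
    """The pattern the advisories describe: the request parameter is spliced into the SQL text."""
    sql = f"SELECT id, subject FROM tickets WHERE created_by = '{user}'"
    return conn.execute(sql).fetchall()


def tickets_safe(conn: sqlite3.Connection, user: str) -> list:
    """Bound parameter: the driver sends the value separately, so quotes and keywords are inert."""
    return conn.execute(
        "SELECT id, subject FROM tickets WHERE created_by = ?", (user,)
    ).fetchall()


def ticket_by_id_safe(conn: sqlite3.Connection, raw_id: str) -> list:
    """For numeric parameters such as 'id': validate the type before it reaches the query."""
    if not raw_id.isdigit():
        raise ValueError("id must be a positive integer")
    return conn.execute(
        "SELECT id, subject FROM tickets WHERE id = ?", (int(raw_id),)
    ).fetchall()


# Constructed payloads: a tautology that returns every row, and a UNION that reads the schema.
TAUTOLOGY = "x' OR '1'='1"
UNION_SCHEMA = "x' UNION SELECT name, sql FROM sqlite_master--"


def demo() -> dict:
    """Run each payload through both query styles and return the rows each produced."""
    conn = build_db()
    return {
        "normal": tickets_vulnerable(conn, "bob"),                    # bob's 2 rows
        "vulnerable_tautology": tickets_vulnerable(conn, TAUTOLOGY),  # all 3 rows
        "vulnerable_union": tickets_vulnerable(conn, UNION_SCHEMA),   # leaks CREATE TABLE text
        "safe_tautology": tickets_safe(conn, TAUTOLOGY),              # no rows: literal match only
    }


if __name__ == "__main__":
    for label, rows in demo().items():
        print(label, rows)
```

The UNION payload is the one that turns a data-filtering bug into schema disclosure: the trailing `--` comments out the closing quote the application appends, so the attacker controls the rest of the statement.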
A local file inclusion vulnerability allows remote attackers to include local files or paths without authorization and thereby compromise the web application or mobile device. A persistent input validation vulnerability allows remote attackers to inject their own malicious script code into the application side of the service.
GDL 4.2 is vulnerable to directory traversal. The vulnerability exists due to insufficient sanitization of user-supplied input to the 'newlang' and 'newtheme' parameters of the 'gdl.php' and 'index.php' scripts. An attacker can exploit it by sending a specially crafted HTTP request containing directory traversal sequences (e.g. '../') to the vulnerable script, allowing arbitrary files to be read from the server.
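An added example for the GDL entry above, not GDL's own code: the unsafe join the advisory describes next to a resolver that allow-lists the language or theme name and then confirms the real path is still inside the intended directory, plus a detector that also catches URL-encoded and double-encoded '../'. The directory layout (base/kind/name.php) and the sample values are assumptions.

```python
"""Containing a user-supplied language/theme name to a fixed directory.

Added example for the GDL entry above; it is not GDL's code. The directory
layout (<base>/<kind>/<name>.php) and the sample values are assumptions.
"""
import os
import re
from typing import Optional
from urllib.parse import unquote

NAME_RE = re.compile(r"^[A-Za-z0-9_-]{1,32}$")


def has_traversal(raw: str) -> bool:
    """Detection: flag '..' segments or absolute paths after up to two rounds of URL decoding.

    Two rounds catch double-encoded '%252e%252e%252f' as well as plain '%2e%2e/'.
    """
    decoded = raw
    for _ in range(2):
        decoded = unquote(decoded)
    norm = decoded.replace("\\", "/")
    return norm.startswith("/") or ".." in norm.split("/")


def resolve_unsafe(base_dir: str, kind: str, name: str) -> str:
    """The pattern the advisory describes: the parameter is joined straight into the include path."""
    return os.path.normpath(os.path.join(base_dir, kind, name + ".php"))


def resolve_resource(base_dir: str, kind: str, name: str) -> Optional[str]:
    """Allow-list the name, then confirm the resolved path is still inside base_dir/kind."""
    if not NAME_RE.match(name):
        return None
    root = os.path.realpath(os.path.join(base_dir, kind))
    candidate = os.path.realpath(os.path.join(root, name + ".php"))
    # Defence in depth: even if the allow-list were loosened, a path outside root is refused.
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate


if __name__ == "__main__":
    payload = "../../../../etc/passwd"
    print(has_traversal(payload))                                 # True
    print(resolve_unsafe("/var/www/gdl", "lang", payload))        # escapes /var/www/gdl
    print(resolve_resource("/var/www/gdl", "lang", payload))      # None
    print(resolve_resource("/var/www/gdl", "lang", "english"))    # .../lang/english.php
```

The allow-list alone already blocks the advisory's payload; the realpath containment check is there so that a later change to the regex cannot silently reopen the hole.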
A CSRF vulnerability is present in the administration panel of Piwigo 2.6.1. An attacker can craft a malicious HTML page containing a form that submits a POST request to the vulnerable application; if an authenticated administrator visits that page, the POST request can add an arbitrary user to the application.
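An added example for the Piwigo entry above, not Piwigo's own code: the handler pattern the advisory describes, in which a valid admin session cookie alone authorises the add-user POST, beside one that additionally requires a per-session synchronizer token and checks the Origin header. The session dict, the 'csrf_token' form field, the add-user action and the origins are assumptions for illustration.

```python
"""Synchronizer-token check for a state-changing admin action.

Added example for the Piwigo entry above; it is not Piwigo's code. The session
dict, form field name 'csrf_token', the add-user action and the origins are assumptions.
"""
import hashlib
import hmac
import secrets
from typing import Optional

# Per-deployment secret; generated here so the example runs stand-alone.
SECRET_KEY = secrets.token_bytes(32)


def issue_csrf_token(session_id: str) -> str:
    """Token bound to the session: HMAC-SHA256(secret, session_id). Emit it as a hidden form field."""
    return hmac.new(SECRET_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def add_user_unprotected(session: dict, form: dict, users: list) -> int:
    """The pattern the advisory describes: a valid admin session cookie alone authorises the POST.

    A form on an attacker's page submits here with the victim's cookies attached, so the
    browser supplies the session and the user is added.
    """
    if session.get("role") != "admin":
        return 403
    users.append(form["username"])
    return 200


def add_user_protected(session: dict, form: dict, users: list,
                       request_origin: Optional[str] = None,
                       site_origin: str = "https://piwigo.example") -> int:
    """Require a per-session token that a cross-site page cannot read, plus an Origin check."""
    if session.get("role") != "admin":
        return 403
    expected = issue_csrf_token(session["id"])
    if not hmac.compare_digest(form.get("csrf_token", ""), expected):
        return 403
    # Defence in depth: browsers set Origin on cross-site POSTs; a mismatch is rejected.
    if request_origin is not None and request_origin != site_origin:
        return 403
    users.append(form["username"])
    return 200


def demo() -> dict:
    """Replay the cross-site form against both handlers (constructed session and forms)."""
    victim = {"id": "sess-42", "role": "admin"}
    attacker_form = {"username": "backdoor"}  # no token: the attacker's page cannot obtain one
    users_a, users_b = [], []
    unprotected = add_user_unprotected(victim, attacker_form, users_a)
    protected = add_user_protected(victim, attacker_form, users_b,
                                   request_origin="https://attacker.example")
    legit_form = {"username": "newadmin", "csrf_token": issue_csrf_token(victim["id"])}
    legit = add_user_protected(victim, legit_form, users_b,
                               request_origin="https://piwigo.example")
    return {"unprotected": unprotected, "users_after_unprotected": users_a,
            "protected": protected, "legit": legit, "users_after_protected": users_b}


if __name__ == "__main__":
    print(demo())
```

The token check alone is sufficient against the described attack; the Origin comparison is kept as a second, independent signal because it costs nothing when the header is present.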