This PoC code should do two main things: 1. Cross-Site Request Forgery (for more information, just google it). 2. Change the password to a new one without knowing the current password. The vulnerability works as follows: if we remove the "PA=" parameter, which carries the current password, the application ignores its absence and changes the password without the old/current password ever being entered.
A CSRF vulnerability exists in TOSHIBA e-Studio 232/233/282/283 which allows an attacker to change the admin password. The exploit requires the attacker to craft a malicious HTML page which, when visited by the admin, submits a POST request to the vulnerable device with the new password. The password must be a minimum of 6 digits.
VideoSpirit Lite 1.77 is vulnerable to an SEH buffer overflow. The vulnerability is caused by a boundary error when handling specially crafted .AVI files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .AVI file.
VideoSpirit Pro version 1.90 is vulnerable to an SEH buffer overflow. The vulnerability is caused by a boundary error when handling specially crafted .AVI files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .AVI file.
Provj v5.1.5.8 is vulnerable to a buffer overflow when a specially crafted .m3u file is loaded. An attacker can exploit this vulnerability by creating a malicious .m3u file and sending it to the victim. When the victim opens the file, the attacker can execute arbitrary code on the victim's system.
Hanso Converter 2.4.0 is vulnerable to a buffer overflow which can be exploited to cause a denial of service. The vulnerability is caused by a boundary error when handling specially crafted .ogg files. This can be exploited to cause a stack-based buffer overflow by tricking a user into opening a specially crafted .ogg file. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code in the context of the application.
J-Web is a GUI-based network management application used on Junos devices. The web application is vulnerable to a remote code execution vulnerability which permits privilege escalation. The file /jsdm/ajax/port.php allows execution of arbitrary user-supplied PHP code via the rs POST parameter. Code executes with UID=0 (root) privileges; however, you are confined to a chroot. Privilege escalation can be achieved by waiting for an administrator to log in and reading the contents of /tmp to hijack their session.
A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the WordPress Highlight Premium Themes. An attacker can exploit this vulnerability to upload arbitrary files to the server, which can lead to remote code execution. The vulnerability exists due to insufficient validation of uploaded files in the upload-handler.php script. An attacker can send a malicious request to the vulnerable script and upload arbitrary files to the server.
A SQL injection vulnerability has been detected in the 'Affectations' functionality of this application. The affected resource and parameter are the following: Resource: /view/objectDetail.php; Parameter: objectId. This vulnerability allows the execution of arbitrary SQL code against the database, and arbitrary access to the file system.
A security vulnerability was found in Vivotek IP cameras that could allow an unauthenticated remote attacker to bypass the RTSP basic authentication and access the video stream.