A persistent input validation web vulnerability is detected in the ILIAS eLearning v4.3.4 & v4.4 CMS web application. The bug allows a remote attacker to inject their own malicious persistent script code (application side). The persistent web vulnerability is located in the `Notes & Comments` module. Remote attackers are able to inject their own malicious script code via a POST request in the vulnerable comment or note parameters. Execution occurs in the comments and private notes modules of the admin panel.
BlazeDVD 6.2 is vulnerable to a buffer overflow when a specially crafted .plf file is opened. This can be exploited to execute arbitrary code by overwriting the SEH handler with a POP/POP/RET sequence and then placing shellcode on the stack.
This exploit is used to disclose the password of Pirelli Discus ADSL DRG A125g. It uses LWP::UserAgent and HTTP::Request to send a GET request to the vulnerable file wansinglecfg.cmd. The content of the response is parsed to extract the username and password.
A SQL injection vulnerability exists in the PHP RSS Reader 2010 application. An attacker can exploit this vulnerability to gain access to the application's database and extract sensitive information such as usernames and passwords. The vulnerability is due to the application not properly sanitizing user-supplied input before using it in an SQL query. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable application. This will cause the application to execute the malicious SQL statements and return the results of the query.
A CSRF File Upload vulnerability exists in WordPress Curvo Themes. An attacker can craft a malicious form and upload a file to the vulnerable website without the user's knowledge or consent.
An arbitrary file upload vulnerability in the WordPress SAICO theme allows an attacker to upload a malicious PHP file to the server. This can be done by sending a POST request to the php.php file in the framework/_scripts/valums_uploader/ directory with the malicious file as a parameter. The malicious file can then be accessed at the path http://site.com/wordpress/wp-content/uploads/2013/10/up.php
The file that causes the DoS is available at https://github.com/pedrib/PoC/blob/master/vlc-crash.asf. It was not possible to get code execution.
This module exploits a command execution vulnerability in WebTester version 5.x. The 'install2.php' file allows unauthenticated users to execute arbitrary commands through the 'cpusername', 'cppassword' and 'cpdomain' parameters.
The ARRIS DG860A NVRAM Backup 'Compressor/Decompressor' vulnerability allows an attacker to access the router.data file without authentication. The backup file is world readable and contains password information in plain text.
This module exploits a directory traversal vulnerability in version 5.2 of the BIMS component of HP Intelligent Management Center. The vulnerability exists in the UploadServlet, allowing the user to download and upload arbitrary files. This module has been tested successfully on HP Intelligent Management Center with BIMS 5.2 E0401 on Windows 2003 SP2.