This module abuses a directory traversal flaw in Interactive Graphical SCADA System v9.00. In conjunction with the traversal flaw, if opcode 0x17 is sent to the dc.exe process, an attacker may be able to execute arbitrary system commands.
This module exploits an anonymous remote code execution vulnerability on D-Link DIR-605L routers. The vulnerability exists while handling user-supplied captcha information, and is due to the insecure usage of sprintf in the getAuthCode() function. This module has been tested successfully on D-Link DIR-605L Firmware 1.13 under a QEMU environment.
Ahmad Moghimi discovered a filter bypass and privilege escalation vulnerability in Avira Internet Security avipbb.sys. This vulnerability allows an attacker to bypass the filter and gain elevated privileges. The vulnerability affects the latest version of Avira Internet Security. The exploit code is available in the form of a .7z file and a demo is available in the form of a .swf file.
A Remote Code Execution vulnerability exists in ZonPHP v2.25 due to improper validation of user-supplied input. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. This can allow the attacker to execute arbitrary code on the vulnerable server.
An attacker can upload a malicious file to the vulnerable WordPress Area53 theme by exploiting the Arbitrary File Upload vulnerability. The malicious file can be uploaded by sending a POST request to the vulnerable php.php file with the malicious file as a parameter. The malicious file can then be accessed at the path http://site.com/wordpress/wp-content/uploads/2013/10/up.php
The select_query() function in the /includes/dbfunctions.php file of WHMCS 5.2.8 is vulnerable due to Register Globals. An attacker can exploit this vulnerability by sending a POST request to the /whmcs/viewticket.php file with a malicious SQL query in the tid parameter.
This module exploits a buffer overflow in SikaBoom. It sends a malicious payload to the vulnerable application, which then allows the attacker to execute arbitrary code on the target system.
Multiple persistent input validation web vulnerabilities have been discovered in the Elite-Graphix ElitCMS v1.01 web application. The vulnerabilities allow remote attackers to inject their own malicious script code into the application side of the vulnerable module. The vulnerabilities are located in the `name` and `email` values of the `contact` module. The request method to inject is POST and the attack vector is located on the application side.
This exploit allows an attacker to inject malicious SQL code into the vulnerable Woltlab Burning Board Regenbogenwiese 2007 Addon. The vulnerability exists in the ‘regenbogenwiese.php’ file, where the ‘kategorie’ parameter is vulnerable to SQL injection. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL code. This code will be executed in the backend database, allowing the attacker to gain access to sensitive information such as usernames, passwords, emails, etc.
This vulnerability allows an attacker to inject malicious SQL queries via the "listing_id" parameter in the "index_ext.php" script. This vulnerability is due to the lack of input validation and sanitization of the "listing_id" parameter. An attacker can exploit this vulnerability to gain access to the database and execute arbitrary SQL queries.