CMS Formulasi 2.07 is vulnerable to SQL Injection, XSS and CSRF. An attacker can exploit these vulnerabilities to gain access to sensitive information, execute malicious code and perform unauthorized actions.
A vulnerability exists in FlashChat v6.0.8, v6.0.2, v6.0.4, v6.0.5, v6.0.6, v6.0.7, which allows an attacker to upload arbitrary files to the vulnerable server. An attacker can exploit this vulnerability by sending a specially crafted HTTP POST request containing a malicious file to the vulnerable server.
A remote blind SQL injection web vulnerability is detected in the ELPRO elproLOG MONITOR WebAccess v2.1 web application. The SQL injection vulnerability allows a remote attacker to inject and execute their own SQL commands in the database management system of the vulnerable web application. The SQL injection vulnerability is located in the strend.php file. Remote attackers can inject their own SQL commands through the affected id parameter of the vulnerable strend.php file, using an HTTP GET request.
The vulnerability exists due to insufficient access restrictions to the installation script "/install/install.php", which is present by default after application installation. A remote attacker can change the application's configuration, such as the database host, forcing the application to connect to an external database, and then spoof information on the website, obtain access to sensitive information or simply cause a denial of service. The vulnerability exists due to insufficient validation of user-supplied input passed to the "db_host", "db_user", "db_pass" and "db_prefix" parameters in the "/install/install.php" script. A remote attacker can inject and execute arbitrary PHP code with the privileges of the web server.
The vulnerability exists due to insufficient validation of user-supplied input passed via the "gnew_language" cookie to the "/users/login.php" script before it is used in the "include()" function. A remote attacker can include and execute arbitrary local files on a vulnerable system via a directory traversal sequence and a URL-encoded NULL byte. The vulnerability exists due to insufficient filtration of the "friend_email" HTTP POST parameter passed to the "/news/send.php" script. A remote unauthenticated attacker can execute arbitrary SQL commands in the application's database.
A security vulnerability was discovered in PineApp [1] Mail-SeCure Suite [2], allowing a non-privileged attacker to get a root shell by sending a specially crafted command from the Mail-SeCure console. A valid user account is needed to launch the attack, so this is a privilege escalation vulnerability that can be exploited locally only.
Evince is vulnerable to a denial of service attack when a specially crafted PDF file is opened. The vulnerability is caused by an integer overflow error when processing the /Root object in a PDF file. This can be exploited to cause a stack-based buffer overflow by tricking a user into opening a specially crafted PDF file.
This proof of concept exploit is for a buffer overflow vulnerability. It attempts to overwrite the return address of the environment with the address of the hacked() function. If successful, it will execute the /bin/sh command. However, the exploit reportedly does not work and the output at the bottom of the entry confirms this.
Cross-Site Request Forgery (CSRF) and Stored Cross-Site Scripting (XSS) have been discovered within SimpleRisk version 20130915-01 leading to complete account compromise. The CSRF vulnerability is used to deliver the XSS payload which accesses the authenticated user's session cookies and transmits them to a third-party domain under the attacker's control. Once the attacker has the user's session cookie, the attacker can authenticate to the application as the user.
For Node.js applications that parse user-supplied YAML input using the load() function from the 'js-yaml' package < 2.0.5, specifying a self-executing function allows us to execute arbitrary JavaScript code.