The latest version of Google Chrome (tested on version 24.0.1312.57) fails to properly recognize HTTP Basic Authentication when injected in various HTML tags. As a result of this behavior, Chrome will not alert the user when HTTP Basic Authentication is taking place or when credentials are rejected. This behavior is particularly concerning with respect to small office and home routers. Such devices are easily brute-forced using this method. Many of these devices have the default password enabled, which brings me to part II of this bug. Silent HTTP Authentication allows the attacker to log into the router and change settings with no alerts or warnings issued by Chrome. The end result allows an attacker to brute-force the router login, connect to the router, enable remote administration and of course control all information on the entire network via DNS attacks etc.
The vulnerability allows remote attackers, via the POST method, to inject local app webserver folders to request unauthorized local webserver files.
The image title is vulnerable to persistent XSS, which allows any normal member to hack any administrator account or any other member account.
This vulnerability allows an attacker to execute arbitrary commands on the vulnerable system with the privileges of the web server. It requires a valid account as at least a user and the target to have outgoing internet connectivity.
The vulnerability is caused by missing input validation in the ping_size parameter and can be exploited to inject and execute arbitrary shell commands. It is possible to upload and execute a backdoor to compromise the device. You need to be authenticated to the device or you have to find other methods for inserting the malicious commands.
The vulnerability is caused by missing input validation in the ping_ipaddr parameter and can be exploited to inject and execute arbitrary shell commands. It is possible to start a telnetd or upload and execute a backdoor to compromise the device. You need to be authenticated to the device or you have to find other methods for inserting the malicious commands.
The vulnerability is caused by missing input validation in the ping_size parameter and can be exploited to inject and execute arbitrary shell commands. It is possible to start a telnetd or upload and execute a backdoor to compromise the device. You need to be authenticated to the device or you have to find other methods for inserting the malicious commands.
A heap overflow vulnerability exists in Schneider Electric Accutech Manager Server, which is triggered when a specially crafted GET request is sent to the server on port 2537. This can allow an attacker to execute arbitrary code on the vulnerable system. Credit also goes to Aaron Portnoy and ExodusIntel for discovering this vulnerability.
A SQL injection vulnerability exists in Easy Live Shop System, which allows an attacker to execute arbitrary SQL commands via the 'aid' parameter in the 'index.php' script. An example of a malicious request is 'index.php?seite=17&aid=NULL/**/UNION/**/SELECT/**/NULL,CONCAT(CHAR(61),CHAR(61),CHAR(123),CHAR(123),CHAR(123),name,0x7c,0x7c,Email,0x7c,0x7c,Passwort,CHAR(125),CHAR(125),CHAR(125),CHAR(125),0x7c),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL/**/FROM/**/LS_Kunden'
After creating a file with the PoC below, open the playlist file in KMPlayer. A box will pop up; just press OK. Then press the play button to trigger the DoS vulnerability. The program will not be able to respond until the process is killed using the Task Manager.