SiteGo is vulnerable to Remote File Inclusion. The vulnerability exists in get_templet.php in two styles (green and blue), on line 120, where the application includes a file without proper validation. An attacker can exploit this vulnerability by sending a malicious URL in the MyStyle[StylePath] parameter. For example, http://127.0.0.1/site-go/style/green/get_templet.php?MyStyle[StylePath]=http://127.0.0.1/shell.txt? or http://127.0.0.1/site-go/style/blue/get_templet.php?MyStyle[StylePath]=http://127.0.0.1/shell.txt?. This can allow an attacker to execute arbitrary code on the vulnerable system.
This vulnerability allows an attacker to inject malicious SQL queries into the vulnerable application. The attacker can use this vulnerability to gain access to sensitive information stored in the database, such as usernames and passwords. The exploit can be triggered by sending a specially crafted HTTP request to the vulnerable application. The request contains a malicious SQL query that is injected into the application and executed by the database server.
VICIDIAL is a set of programs designed to interact with the Asterisk Open-Source PBX Phone system to act as a complete inbound/outbound call center suite. A Blind SQL Injection vulnerability exists in the VICIDIAL call center suite. An attacker can exploit this vulnerability to inject malicious SQL queries and gain access to sensitive information from the database. An XSS/HTTP Parameter Pollution vulnerability also exists in the VICIDIAL call center suite. An attacker can exploit this vulnerability to inject malicious scripts and gain access to sensitive information from the application.
This module exploits a vulnerability in Openfiler v2.x which could be abused to allow authenticated users to execute arbitrary code under the context of the 'openfiler' user. The 'system.html' file uses user controlled data from the 'device' parameter to create a new 'NetworkCard' object. The class constructor in 'network.inc' calls exec() with the supplied data. The 'openfiler' user may 'sudo /bin/bash' without providing a system password.
The vulnerability exists due to a boundary error when handling the 'columns' attribute of the <table> element. By manipulating the 'columns' attribute, an attacker can cause a buffer overflow, resulting in a denial of service or the execution of arbitrary code.
This module exploits a vulnerability in ActiveFax Server. The vulnerability is a stack-based buffer overflow in the 'Import Users from File' function, due to the insecure usage of strcpy while parsing the CSV-formatted file. The module creates a .exp file that must be imported with ActiveFax Server. It must be imported with the default character set 'ECMA-94 / Latin 1 (ISO 8859)'. The module has been tested successfully on ActFax Server 4.32 over Windows XP SP3 and Windows 7 SP1. In the Windows XP case, when ActFax runs as a service, it will execute as SYSTEM.
This module exploits multiple design flaws in Sflog 1.0. The CMS ships with a default admin credential of 'admin:secret', which can be abused to access administrative features such as blog management. Through the management interface, we can upload a backdoor that's accessible by any remote user, and then gain arbitrary code execution.
The application allows authorized users to perform certain actions via HTTP requests without making proper validity checks to verify the source of the requests. This can be exploited to add, delete or modify sensitive information, for example to change the administrator's email. To exploit this vulnerability, an attacker must get a logged-in administrator to open a malicious link in the browser.
An attacker can log into the web management UI with an arbitrarily chosen password. Possibilities include but are not limited to reading and writing files stored on the device and altering the device’s configuration. This means an attacker could steal sensitive data stored on the device, leverage the device to drop and/or host malware, abuse the device to send spam through the victim’s Internet connection, and use the device as a pivot point to access locally connected systems or launch attacks directed to other systems. The function that is responsible for changing the administrator password can be called by an unauthenticated user. It relies on the flawed assumption that the call is part of an admin session if a static-valued cookie is present. Note that the cookie value is checked on the client, so it can be easily circumvented by a command line tool.
Clipster Video Persistent XSS Vulnerability can be exploited by entering malicious XSS code in the Username field of the Register page (http://site.com/login.php?action=Register). When a user visits the page, they will be redirected to the malicious URL specified in the XSS code.