Explore Vulnerabilities

Explore all Exploits:
EmailArchitect Enterprise Email Server XSS Vulnerability

A Cross-Site Scripting (XSS) vulnerability was discovered in EmailArchitect Enterprise Email Server 10.0. An attacker can exploit this vulnerability to inject malicious JavaScript code into the application, which will be executed in the browser of a user who visits the affected page. The malicious code can be used to steal cookies, hijack user sessions, redirect users to malicious websites, and perform other malicious activities.

Axigen Mail Server 8.0.1 XSS Vulnerability

Axigen Mail Server 8.0.1 is vulnerable to Cross-Site Scripting (XSS) attacks. An attacker can inject malicious JavaScript code into the body of an email message, which will be executed when the message is viewed by the victim. The malicious code can be used to steal session cookies, redirect the victim to malicious websites, or perform other malicious actions.

ArDown (All Versions) <- Remote Blind SQL Injection

ArDown is vulnerable to a Remote Blind SQL Injection vulnerability. An attacker can exploit this vulnerability to gain access to the admin panel of the application. The attacker can send a malicious HTTP request to the server with a crafted SQL query to extract the username and password of the admin panel.

WespaJuris <= 3.0 auto exploit

WespaJuris is software for law firms. This exploit uploads a webshell to vulnerable installations. It works by bypassing the login form with SQLi strings, configuring the allowed file formats to add php, adding a new client, adding a new process, adding a new task, adding a new document type, and finally uploading the webshell.

Ubisoft uplay 2.0.3 ActiveX Control Arbitrary Code Execution

The uplay ActiveX component allows an attacker to execute any command line action. The user must be signed in (unless auto sign-in is enabled), and uplay must not already be running. Because the malicious executable is served over WebDAV, the module must run on port 80, so make sure you have sufficient privileges to bind to it. Ubisoft released patch 2.04 as of Mon 20th July.

Zoho BugTracker Multiple Stored XSS Vulnerabilities

The bug tracking software suffers from a stored XSS vulnerability when parsing user input to the 'comment' and 'mystatus' parameters, sent via the POST method through the 'bugdetails.do' and 'addmystatus.do' scripts. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user's browser session.

Oracle Business Transaction Management Server 12.1.0.2.7 FlashTunnelService Remote File Deletion

The Oracle Business Transaction Management Server 12.1.0.2.7 installs a web service called 'FlashTunnelService' which can be reached without prior authentication and processes incoming SOAP requests. It is reachable at the following URI: http://[host]:7001/btmui/soa/flash_svc/. This SOAP interface exposes the 'deleteFile' function, which, through a directory traversal vulnerability, could allow an attacker to delete arbitrary files with administrative privileges on the target server.

Oracle Business Transaction Management Server 12.1.0.2.7 FlashTunnelService WriteToFile Message Remote Code Execution Exploit

The product named above installs a web service called 'FlashTunnelService' which can be reached without prior authentication and processes incoming SOAP requests. It is reachable at the following URI: http://[host]:7001/btmui/soa/flash_svc/. This SOAP interface exposes the 'writeToFile' function, which could allow an attacker to write arbitrary files on the target server.
