The vulnerability allows an attacker to inject SQL commands into the vulnerable source code. A proof of concept is provided in the text.
Cross-site scripting (XSS) vulnerability in the WordPress Participants Database plugin 1.7.59 allows attackers to inject arbitrary JavaScript via the Name parameter. The XSS vulnerability is found in the participant signup form input text field. The get_field_value_display() function in PDb_FormElement.class.php did not escape HTML special characters, allowing an attacker to input JavaScript. The XSS code will be executed on two pages.
The vulnerability allows an attacker to inject SQL commands into vulnerable parameters such as 'index&search&k', 'index&index&p' and 'category&index&id' of the iGreeting Cards 1.0 application.
A2billing 2.x is vulnerable to an unauthenticated backup dump and RCE. The vulnerable code is present in the file admin/public/form_data/FG_var_backup.inc. The file is called from "admin/Public/A2B_entity_backup.php" before the authentication check takes place. By accessing the URL http://HOST//a2billing/admin/Public/A2B_entity_backup.php?form_action=add&path=0x4148.sql, an attacker can dump the full backup. Some hardening is carried out by the application, which does a good job of preventing the RCE, but we can still bypass it by using the backup dump.
A2billing is vulnerable to SQL injection resulting from insufficient sanitization of several inputs, including transactionID. Sending a POST request with transactionID=456789111111 unise//**lectonselinse//**rtect 1,2,3,4,0x706c75676e706179,6,7,8,9,10,11,12,13-//**--&sess_id=4148key=636902c6ed0db5780eb613d126e95268 to the checkout_process.php page will result in a redirection by the application, and the Location header will contain the decoded payment module that was used in the query, indicating successful injection.
An attacker can create an arbitrary file outside the directory of the gem, or even replace an existing file with a malicious one, by assigning a maliciously crafted string such as ../../../../../any/where to the field.
The Vulnerability Laboratory Core Research Team discovered a persistent input validation vulnerability in the official Wibu Systems CodeMeter WebAdmin v6.50 application.
An HTTP POST request containing the user parameter allows remote code execution on the device. The parameter is not sanitized at all, which is what makes it vulnerable.
The vulnerability allows an attacker to inject SQL commands. Proof of Concept: http://localhost/[PATH]/[PROFILE][SQL].html http://localhost/[PATH]/[TAG][SQL].html http://localhost/[PATH]/[CHECKLIST][SQL].html our-products/checklist/checklist/tag/social'and+(SeLeCT+1+FrOM+(SeLeCT+count(*),COncaT((SeLeCT(SeLeCT+COncaT(cast(database()+as+char),0x7e))+FrOM+information_schema.tables+where+table_schema=database()+limit+0,1),floor(rand(0)*2))x+FrOM+information_schema.tables+group+by+x)a)+AND+''='.html
The vulnerability allows an attacker to inject SQL commands into the vulnerable parameter 'survey' in the URL. Proof of Concept: http://localhost/[PATH]/index.php?option=com_surveyforce&task=start_invited&survey=19&invite=[SQL]