The corresponding embedded web server 'PST10 WebServer' typically listens on port 80 and is prone to a directory traversal attack. An unauthenticated attacker may be able to exploit this issue to access sensitive information to aid in subsequent attacks.
Gr8 Gallery Script is vulnerable to SQL Injection. An attacker can inject malicious SQL queries via the 'X' parameter in the 'video-gallery' and 'photo-gallery' scripts. This can be exploited to bypass authentication, access, modify and delete data in the back-end database.
Gr8 Tutorial Script is vulnerable to SQL Injection. Attackers can inject malicious SQL queries via the 'user' and 'track' parameters in the 'users.php' and 'track' scripts respectively.
A DLL side loading vulnerability was found in the VMware Host Guest Client Redirector, a component of VMware Tools. This issue can be exploited by luring a victim into opening a document from the attacker's share. An attacker can exploit this issue to execute arbitrary code with the privileges of the target user. This can potentially result in the attacker taking complete control of the affected system. If the WebDAV Mini-Redirector is enabled, it is possible to exploit this issue over the internet.
This exploit bypasses the Windows Supervisor Mode Execution Prevention (SMEP) on x86 systems. It uses a gadget found in the ntoskrnl.exe and FortiShield.sys drivers to disable SMEP. The exploit is tested on Windows 10 Pro x86 1703/1709 with ntoskrnl.exe version 10.0.16299.309 and FortiShield.sys version 5.2.3.633.
This module exploits a file upload vulnerability in all versions of the Holding Pattern theme. The upload_file.php script contains no session or file validation, which allows unauthenticated users to upload files of any type and subsequently execute PHP scripts in the context of the web server.
Versions 2.9.36 to 2.9.42 of the Ninja Forms plugin contain an unauthenticated file upload vulnerability, allowing guests to upload arbitrary PHP code that can be executed in the context of the web server.
Ruby on Rails Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-Forwarded-For headers in determining a client's IP address, which allows remote attackers to bypass the whitelisted_ips protection mechanism via a crafted request to request.rb.
PHPMailer versions up to and including 5.2.19 are affected by a vulnerability which can be leveraged by an attacker to write a file with partially controlled contents to an arbitrary location through injection of arguments that are passed to the sendmail binary. This module writes a payload to the web root of the web server and then executes it with an HTTP request. The user running PHPMailer must have write access to the specified WEB_ROOT directory, and successful exploitation can take a few minutes.
This module exploits an arbitrary root command execution vulnerability in OP5 Monitor welcome. Ekelow AB has confirmed that OP5 Monitor versions 5.3.5, 5.4.0, 5.4.2, 5.5.0, and 5.5.1 are vulnerable.