Comodo Chromodo Browser Update Service (ChromodoUpdater) installs as a service with an unquoted service path running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system.
This router is a widely used here in Albania. It is given by a telecom provider to the home and bussiness users. The problem is that this router has hardcoded credentials which "can not be changed" by a normal user. Using these credentials we don't have to much access but the lack of authentication security we can download the backup and get the admin password. Using that password we can login to telnet server and use a shell escape to get a reverse root connection.
Comodo Dragon Browser Update Service (DragonUpdater) installs as a service with an unquoted service path running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system.
An attacker can exploit SQL & XSS vulnerabilities in Just Dial Clone Script by injecting malicious code into the 'fid' parameter of the 'restaurants-details.php' page. This can allow the attacker to gain access to the admin page and execute malicious SQL queries.
B2B Portal Script is vulnerable to Blind SQL Injection. An attacker can exploit this vulnerability by sending malicious SQL queries to the database server through the web application. This can be done by appending malicious SQL queries to the vulnerable parameter in the URL. For example, http://localhost/advancedb2b/view-product.php?pid=294' can be used to exploit this vulnerability.
An SQL injection vulnerability exists in Advance MLM Script, which is a PHP-based MLM software. The vulnerability is due to insufficient sanitization of user-supplied input in the 'newid' parameter of the 'news_detail.php' script. An attacker can exploit this vulnerability to inject and execute arbitrary SQL commands in the application's database, which can be used to access or modify sensitive data, or to gain access to the application's backend.
The root account for the local MySQL database of Cisco Firepower Threat Management Console has poor password complexity, allowing an attacker to bypass authentication and gain access to the database.
An authenticated user can run arbitrary system commands as the www user which leads to root. A valid session and CSRF token is required. The webserver runs as a non-root user which is permitted to sudo commands as root with no password.
This exploit allows an attacker to execute arbitrary code on a vulnerable Witbe device. The exploit is triggered by sending a malicious POST request to the /cgi-bin/applyConfig.pl page, which contains a command to open a reverse shell to the attacker's machine. The attacker can then execute arbitrary code on the vulnerable device.
Netgear Genie installs a service called 'Fortitude HTTP' with an unquoted service path running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.
Services By CQR