Explore Vulnerabilities

Explore all Exploits:

XuezhuLi FileSharing – CSRF(Add User)

A CSRF vulnerability exists in XuezhuLi FileSharing, which allows an attacker to add a new user to the system without the user's knowledge or consent. An attacker can craft a malicious HTML page containing a form with hidden fields, which when visited by an authenticated user, will submit the form and add a new user to the system. This can be exploited by an attacker to gain access to the system.

XuezhuLi FileSharing – Path Traversal Vulnerability

XuezhuLi FileSharing is vulnerable to path traversal. An attacker can exploit this vulnerability to read arbitrary files from the server by manipulating the 'file_name' parameter in the 'download.php' and 'viewing.php' scripts. This can be done by sending a specially crafted HTTP request with '../' sequences and a filename to the vulnerable script.

GetSimple CMS <= 3.3.10 Arbitrary File Upload Vulnerability

GetSimpleCMS Version 3.3.10 suffers from an arbitrary file upload vulnerability which allows an attacker to upload a backdoor. The vulnerability arises because the application uses a blacklist and whitelist technique to compare the file against MIME types and extensions. To exploit it, a file is created with a percent sign appended after the extension.

Alibaba Clone B2B Script File Read Vulnerability

This vulnerability allows an attacker to read any file on the server. The vulnerability exists due to insufficient sanitization of user-supplied input in the "page" parameter of the "show_page.php" script. A remote attacker can send a specially crafted request to the vulnerable script and read any file on the server.

YetiForce CRM < 3.1 - Persistent XSS Vulnerability

YetiForce CRM was built on a rock-solid Vtiger foundation, but has hundreds of changes that help to accomplish even the most challenging tasks in the simplest way. YetiForce is vulnerable to a stored XSS vulnerability present within a user's comment section. Within 'Companies & Accounts > Accounts' select your preferred user, and then in the 'Comments' section input: <img src=x onerror=alert('XSS');> Either refresh the current page, or navigate back to 'Accounts', and the XSS payload will be triggered.

Radiant CMS 1.1.3 – Multiple Persistent XSS Vulnerabilities

Radiant is a no-fluff, open source content management system designed for small teams. It is vulnerable to multiple persistent XSS vulnerabilities. The attacker must first be a user of some kind, as there are only 2 types of roles: 'administrator' and 'designer'. When uploading, the user is presented with the option to create a title for an image, which gets displayed back in the general repository. The attacker can input their own JavaScript within this field, so when a user then visits the 'assets' page, they will be presented with a pop-up. Additionally, when a user navigates to the 'Settings' page, they can edit their Personal Preferences & Configuration. The attacker can input malicious JavaScript within the Name, Email Address, and Username fields, which will be reflected back to the admin when they visit the http://127.0.0.1/admin/users/ page.

MS16-063: MSIE 11 garbage collector attribute type confusion

By exploiting this vulnerability, a website can cause the garbage collector to handle some data in memory as if it were an object, when in fact it contains data for another type of value, such as a string or number. The garbage collector code will use this data as a virtual function table (vftable) in order to make a virtual function call. An attacker has enough control over this data to allow execution of arbitrary code.

Recent Exploits: