
Explore Vulnerabilities


Explore all Exploits:

Monitorr 1.7.6m – Persistent Cross-Site Scripting

An attacker can perform an XSS attack via image upload. Steps include creating a payload with the format <img src=x onerror=alert("XSS")>.png, installing the database, registering for a new account, logging in, and uploading the payload to the settings page. Once the payload is uploaded, the XSS attack will be triggered.

OpenPLC 3 – Remote Code Execution (Authenticated)

A vulnerability in OpenPLC v3 allows an authenticated attacker to execute arbitrary code on the target system. This is achieved by uploading a malicious program to the target system, compiling it, and then running the PLC server. The malicious program contains a reverse shell payload that connects back to the attacker's machine.

Hasura GraphQL 1.3.3 – Remote Code Execution

An attacker can execute arbitrary code on the vulnerable Hasura GraphQL 1.3.3 server by sending a specially crafted request to the /v1/query endpoint. The attacker can use the SET LOCAL statement_timeout and COPY FROM PROGRAM commands to execute arbitrary code on the server.

Sipwise C5 NGCP CSC – ‘Multiple’ Stored/Reflected Cross-Site Scripting (XSS)

The Sipwise software platform suffers from multiple authenticated stored and reflected cross-site scripting vulnerabilities: input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.

DzzOffice 2.02.1 – ‘Multiple’ Cross-Site Scripting (XSS)

A Cross-Site Scripting (XSS) vulnerability exists in DzzOffice 2.02.1 which allows an attacker to inject malicious JavaScript code into the application. The vulnerability exists in the 'admin_password' parameter of the 'admin.php?mod=setting' page. An attacker can exploit this vulnerability by sending a specially crafted request to the vulnerable page. The malicious JavaScript code will be executed in the browser of the victim when the vulnerable page is accessed.

Moodle 3.10.3 – ‘url’ Persistent Cross Site Scripting

Requires the role of a teacher, an administrator or a manager (to be able to create a course). Create a new course, giving any name, short name, date and other required values. In the 'Description' field, click on the 'link' button. In the URL field, enter the payload: <img src=1 href=1 onerror='javascript:alert(1)'></img>. Create the link; an alert window appears (close it several times so that it disappears). Save the course. Each time the course description is displayed, the stored XSS is activated, for example by viewing the course or by modifying it.

RemoteClinic 2.0 – ‘Multiple’ Stored Cross-Site Scripting (XSS)

RemoteClinic 2.0 is vulnerable to multiple stored cross-site scripting (XSS) vulnerabilities. An attacker can inject malicious JavaScript code into the application by exploiting the vulnerable fields. The malicious code is then stored in the application and executed when a user visits the affected page.

OTRS 6.0.1 – Remote Command Execution (2)

This exploit allows an attacker to execute arbitrary commands on the target system by exploiting a vulnerability in OTRS 6.0.1. The attacker can use a Python reverse shell one-liner to gain access to the target system. The PGP options in the admin panel must be cleaned up manually if the attacker wishes to preserve full working condition.

Hasura GraphQL 1.3.3 – Server-Side Request Forgery (SSRF)

Hasura GraphQL 1.3.3 is vulnerable to Server-Side Request Forgery (SSRF). An attacker can exploit this vulnerability to send requests to internal services that are not accessible from the external network. This can be used to gain access to sensitive information or to perform other malicious activities.

Hasura GraphQL 1.3.3 – Local File Read

This exploit allows an attacker to read files from the server by exploiting a vulnerability in Hasura GraphQL 1.3.3. The exploit uses a SQL injection to read files from the server. The exploit is written in Python and uses the requests library to send a POST request to the Hasura GraphQL endpoint. The payload contains a SQL query that reads the file specified in the READ_FILE variable. The exploit then prints the contents of the file.

Recent Exploits: