Codiad is vulnerable to authenticated remote code execution. An attacker can exploit this vulnerability by sending a malicious payload to the vulnerable component. This payload will be executed on the server side and can be used to gain access to the system.
A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.
ActivIdentity 8.2 is desktop authentication software that uses smart cards and readers for enterprise, government and commercial establishments. An unquoted service path vulnerability exists in ActivIdentity 8.2, which allows an attacker to gain elevated privileges on the system. The vulnerability is caused by the ac.sharedstore service, which is installed with the ActivIdentity 8.2 software with an unquoted service path and is configured to run with LocalSystem privileges.
This software installs EDTService.exe, version 11.10.2.1. The service is configured to run with LocalSystem privileges and the path to the executable is not quoted, which could allow an attacker to gain elevated privileges.
A stored XSS vulnerability exists in Hotel And Lodge Management System 1.0, which allows an attacker to inject malicious JavaScript code into the 'Customer Name' parameter of the 'Customer Details' page. This code is then stored in the database and executed when a user views the customer details page, allowing the attacker to steal the user's cookie.
Lack of sanitization in the 'votes[]' parameter in 'Edit Poll' causes a second-order semi-blind SQL Injection that is triggered when performing a 'Move/Copy' operation on the thread.
The OSAS Traverse Extension 11 contains a vulnerability in the 'travextensionhostsvc' service, which is installed with the default configuration and is set to auto-start. The service binary path is not quoted, which allows a local attacker to gain elevated privileges by placing a malicious executable in the same folder as the service binary.
ProFTPD allows only a certain number of connections to be made to the server, so by repeatedly making new connections to the server, you can block other legitimate users from making a connection if the number of connections per IP isn't limited.
The exploit requires the target administrator to have a valid ACP session. The exploit involves escaping various checks, downloading a .js file from an external server, encoding the payload with String.fromCharCode, and sending the full vector to the target.
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 is vulnerable to a weak default WiFi password algorithm. The default WiFi password is generated based on the MAC address of the device. The algorithm is predictable and can be easily guessed by an attacker. This allows an attacker to gain access to the device and potentially gain access to the network.