This plugin adds a feedback system to your forum. Edit feedback button is vulnerable to XSS. Go to a user profile, add feedback and leave the following payload as comment '><script>alert(1)</script>. When clicking Edit payload will execute.
This vulnerability allows an attacker to enumerate valid usernames on Atlassian JIRA versions < 7.13.16, 8.0.0 ≤ version < 8.5.7, 8.6.0 ≤ version < 8.12.0. An attacker can send a GET request to the ViewUserHover.jspa endpoint with a valid username and if the response does not contain the string 'User does not exist', then the username is valid. This vulnerability was discovered by Dolev Farhi and was assigned CVE-2020-14181.
This vulnerability could permit executing code during startup or reboot with the escalated privileges.
Pingzapper 2.3.1 is vulnerable to an unquoted service path vulnerability. This vulnerability can be exploited by a local attacker to gain elevated privileges on the system. The vulnerability exists due to the service path of the PingzapperSvc service not being properly quoted. An attacker can exploit this vulnerability by placing malicious files in the same directory as the service executable and then executing them with elevated privileges.
The web application allows for an unauthenticated file upload which can result in a Remote Code Execution. Executing this script against a target might return a reverse php shell.
A vulnerability in Print Job Accounting 4.4.10 allows an attacker to gain elevated privileges by exploiting an unquoted service path in the OkiJaSvc service.
Fluig 1.7.0 is vulnerable to Path Traversal. An attacker can use this vulnerability to access sensitive files and directories that are stored outside the web root folder. This can include application files, configuration files, and other files stored on the server. The vulnerability exists due to insufficient validation of user-supplied input in the 'file' parameter of the 'vol' parameter. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing directory traversal characters (e.g., '../') in the 'file' parameter of the 'vol' parameter.
This exploit allows an authenticated user to execute arbitrary code on the vulnerable Textpattern 4.8.3 system. The exploit requires the user to have valid credentials and the target system must have the pip3 package installed. The exploit uses the BeautifulSoup4, argparse, and requests packages to login to the target system, upload a malicious PHP file, execute the command, and delete the file.
Union Based SQL Injection has been discovered in the Web Based Quiz System created by sourcecodester/janobe in Welcome page in quiz section eid parameter affected from this vulnerability. The attacker can exploit this vulnerability by sending a malicious payload to the vulnerable URL http://localhost/welcome.php?q=quiz&step=2&eid=60377db362694' Union Select 1,database(),database(),4,5-- -&n=2&t=34
Textpattern CMS 4.9.0-dev is vulnerable to a persistent cross-site scripting (XSS) vulnerability. An attacker can inject malicious JavaScript code into the 'Excerpt' field of the Textpattern CMS admin panel. When a user visits the 'articles' page, the malicious code will be executed in the user's browser.
Services By CQR