Explore Vulnerabilities

Explore all Exploits:

Park Ticketing Management System 1.0 – ‘viewid’ SQL Injection

Park Ticketing Management System 1.0 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by adding a malicious payload to the URL. The payload ' AND (SELECT 8292 FROM (SELECT(SLEEP(5)))XIQB) AND 'QCDH'='QCDH can be used to test the vulnerability. If the web server makes the user wait for 5 seconds, then it is vulnerable.

User Management System 1.0 – ‘uid’ SQL Injection

An attacker can exploit a SQL injection vulnerability in User Management System 1.0 by adding a malicious payload to the URL. If the web server makes the attacker wait 5 seconds, then it is vulnerable. The attacker can then exploit it using sqlmap.

SonicWall SSL-VPN 8.0.0.0 – ‘shellshock/visualdoor’ Remote Code Execution (Unauthenticated)

This exploit basically implements the exploits Phineas Fisher used to pwn Hacking Team and the Cayman Trust Bank place. It uses the Shellshock vulnerability to gain a command execution primitive as the 'nobody' user in the cgi-bin/jarrewrite.sh web-script, and spawns a trivial reverse shell using /dev/tcp.

Simple Public Chat Room 1.0 – ‘msg’ Stored Cross-Site Scripting

A stored cross-site scripting vulnerability exists in Simple Public Chat Room 1.0, which allows an attacker to inject malicious JavaScript code into the 'msg' parameter of the send_message.php page. This malicious code is then stored in the application and is executed when the page is loaded by other users, resulting in the execution of the malicious code in the context of the victim's browser.

Simple Public Chat Room 1.0 – Authentication Bypass SQLi

A SQL injection vulnerability exists in Simple Public Chat Room 1.0, which allows an attacker to bypass authentication by sending a specially crafted HTTP POST request. The vulnerability is due to insufficient sanitization of user-supplied input in the 'username' and 'password' parameters of the 'login.php' script. An attacker can exploit this vulnerability by sending a malicious HTTP POST request with a crafted payload in the 'username' and 'password' parameters. This will allow the attacker to bypass authentication and gain access to the application.

MyBB Hide Thread Content Plugin 1.0 – Information Disclosure

This plugin hides thread content until a user replies to the thread. The information disclosure is that hidden content can be viewed without replying. To exploit, visit a post where content is hidden and click the reply or quote button below. Thread content will be displayed in the [quote] bracket without needing to reply.

Home Assistant Community Store (HACS) 1.10.0 – Path Traversal to Account Takeover

Home Assistant Community Store (HACS) version 1.10.0 is vulnerable to a path traversal attack, which allows an attacker to gain access to sensitive files and potentially take over an account. The exploit involves sending a crafted GET request to the vulnerable server, which will return the contents of the requested file. The attacker can then use this information to craft a valid JWT token, which can be used to authenticate as the owner of the account.

Quick.CMS 6.7 – Remote Code Execution (Authenticated)

Quick.CMS 6.7 is vulnerable to an authenticated Remote Code Execution vulnerability. An attacker can exploit this vulnerability by sending a specially crafted payload to the vulnerable application. This payload will execute arbitrary code on the server, allowing the attacker to gain access to the system.
