A stored cross-site scripting (XSS) vulnerability was discovered in the WordPress plugin litespeed-cache 3.6. One parameter (server_ip) is vulnerable to cross-site scripting.
This exploit targets a Boolean-based blind SQL injection vulnerability in IPeakCMS 3.5. It can be exploited by sending a malicious payload to the vulnerable parameter 'id' in the 'print.php' page. The payload can be used to extract information from the database, such as usernames and passwords.
When a service is created whose executable path contains spaces and isn't enclosed in quotes, the result is a vulnerability known as Unquoted Service Path, which allows a user to gain SYSTEM privileges (only if the vulnerable service is running with the SYSTEM privilege level, which most of the time it is). In Windows, if the service path is not enclosed in quotes and contains spaces, Windows treats the space as a break and passes the rest of the service path as an argument.
dirsearch, when used with the --csv-report flag, writes the results for redirecting endpoints it has crawled to a CSV file without sanitization. A malicious server can redirect all of its routes/paths to a path that contains a comma and a formula, e.g. /test,=1336+1, and escape the normal dirsearch CSV structure to inject its own formula.
A Cross-Site Request Forgery (CSRF) vulnerability exists in Advanced Webhost Billing System 3.7.0. An attacker can craft a malicious page with an action to delete a contact and blank the token value from the page. When the victim user opens the link, a script present on the crafted page sends a request to delete the contact to the server with the victim's active session ID, and the server accepts the blank token value from the request. This allows the attacker to delete the contact.
To bypass the client-side filter, an attacker can use Burp Suite to manipulate the parameter in the POST request and inject a malicious payload. This will allow the attacker to steal the session cookie and hijack the user's session.
The Klog Server runs injected OS commands on the server, resulting in an OS command injection vulnerability. The following Python code injects an OS command payload and can establish a reverse shell connection. You can also add payloads other than the default payload plugin.
An authenticated remote code execution vulnerability exists in Online Learning Management System 1.0. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to execute arbitrary code on the target system.
CSZ CMS 1.2.9 is vulnerable to multiple Cross-Site Scripting (XSS) attacks. Reflected XSS can be triggered by sending a maliciously crafted URL to the application. Stored XSS can be triggered by an editor account with rights to manage banners and plugins. The malicious payload can be injected into the Name, Note, Album Name, Keyword, Short Description, and Category Name fields.
The td-agent-builder plugin before 2020-12-18 for Fluentd allows attackers to gain privileges because the bin directory is writable by a user account, but a file in bin is executed as NT AUTHORITY\SYSTEM.