The Victor CMS v1.0 application is vulnerable to SQL injection in the c_id parameter of admin_edit_comment.php, the p_id parameter of admin_edit_post.php, the u_id parameter of admin_edit_user.php, and the edit parameter of admin_update_categories.php. An attacker can inject their SQL payload into these ids or use sqlmap to dump.
A reflected Cross-Site Scripting (XSS) vulnerability in the 'index.php' login-portal webpage of Stivasoft/PHPJabbers Appointment Scheduler v2.3 (and many others, for example 'ilmiogestionale.eu', since some companies/web agencies rebranded or reworked the script) allows a remote attacker to inject arbitrary script or HTML. Request parameters affected: 'date', 'action', arbitrarily supplied URL parameters, possibly others.
Employee Record System 1.0 is vulnerable to multiple stored XSS. An attacker can exploit this vulnerability by logging in to the application with any valid user credentials, clicking on Add Employee, inputting malicious JavaScript code in all fields except phone number fields, and clicking on ADD RECORD to save the record. When the All Employees page is clicked, the stored XSS payloads are triggered. To view all stored XSS, the View Employee Icon must be clicked.
Log in to the application with any valid user credentials. Click on Add New Question Page. Input <script>alert(document.cookie)</script> in the new question field and select add new question. Once you have an XSS payload as a question in add new question page, click on View Questions Page. This will trigger the XSS payload.
An attacker can exploit this vulnerability by sending a maliciously crafted request to the application, appending a malicious SQL query to the 'id' parameter in the request. Various payloads can be used, such as boolean-based blind, error-based, stacked queries, and time-based blind.
Medical Center Portal Management System 1.0 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by manipulating the 'id' parameter in the URL. By using various payloads, an attacker can gain access to the database and view the contents. The payloads used are boolean-based blind, error-based, time-based blind and UNION query.
Content Management System 1.0 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending a maliciously crafted request to the application. By exploiting this vulnerability, an attacker can gain access to the database and disclose all the contents of the database.
An attacker can exploit a SQL injection vulnerability in Content Management System 1.0 by sending a maliciously crafted request to the 'http://127.0.0.1/ajax.php?action=login' page. This can be done by capturing the request of the page in Burp Suite, saving the POST packet, and running sqlmap on the request file using the command 'python3 sqlmap.py -r request.txt --random-agent --batch --dbms "mysql" --time-sec=5 --no-cast --dbs'. This will inject successfully and allow for an information disclosure of all database contents.
A stored XSS vulnerability exists in Content Management System 1.0, where an attacker can inject malicious JavaScript code into the 'First Name' field of the user profile. By logging in with any valid user credentials, clicking on the logged-in username in the header and selecting Manage Account, an attacker can change the user's First Name to malicious JavaScript code. Upon updating the profile, the XSS will be triggered and the domain name will be displayed when the user logs in again.
An attacker can access system OS configurations and commands that are not intended for use beyond the web UI through unsanitized user input in the web interface for Linksys WiFi extender RE6500.