A Cross-Site Request Forgery (CSRF) vulnerability exists in Rukovoditel 2.6.1 which allows an attacker to change the password of a user without their knowledge. This is achieved by sending a maliciously crafted request to the vulnerable application. The request contains a form session token and the new password which is set by the attacker. This vulnerability can be exploited by an attacker to gain access to the application.
An attacker can exploit a SQL injection vulnerability in the Courier Management System 1.0 application by sending a malicious payload in the 'MULTIPART street' parameter of the 'ajax.php?action=save_branch' page. This will allow the attacker to inject malicious SQL code and gain access to the application's databases.
Courier Management System 1.0 is vulnerable to stored XSS. An attacker can exploit this vulnerability by logging in to the CMS with any valid user credentials, clicking on the logged in username on header and selecting Manage Account, renaming the user First Name or Last Name to '<script>alert(1111)</script>', updating the profile and this will trigger the XSS. Logging out and logging in again will display the domain name.
Dolibarr 12.0.3 is vulnerable to a SQL injection vulnerability which can be exploited to gain remote code execution. The vulnerability exists in the ‘loginfunction’ parameter of the ‘index.php’ page. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious SQL statements. This can be used to gain access to the system and execute arbitrary code.
The SQL payload gets executed and authentication is bypassed successfully.
Rukovoditel 2.6.1 is vulnerable to a Remote Code Execution vulnerability. An attacker can exploit this vulnerability by uploading a malicious file to the server and then triggering it using a Local File Inclusion. This will allow the attacker to execute arbitrary code on the server.
Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the project naming strategy description that is displayed on item creation. This results in a stored cross-site scripting (XSS) vulnerability exploitable by users with Overall/Manage permission. The vulnerability can be exploited by an authenticated user with Overall/Manage permission.
A stored cross-site scripting (XSS) vulnerability exists in Openfire 4.6.0. An attacker can send a malicious payload to the vulnerable parameter 'sql' in the 'db-access.jsp' page, which will be stored in the database and executed when the page is accessed. The payload used in this exploit is '"><ScRiPt>alert(document.cookie)</ScRiPt>', which will display the user's cookies when the page is accessed.
Openfire 4.6.0 is vulnerable to Stored XSS in the 'users' parameter. An attacker can inject malicious JavaScript code into the 'users' parameter of the create-bookmark.jsp page. When a user visits the page, the malicious code will be executed in the user's browser.
A stored cross-site scripting (XSS) vulnerability exists in Openfire 4.6.0. An attacker can send a malicious payload to the vulnerable parameter 'groupchatJID' in the 'create-bookmark.jsp' page, which will be stored in the database and executed when the page is loaded. The payload used in this exploit is '><ScRiPt>alert(document.cookie)</ScRiPt>', which will display the user's cookie information in an alert box.
Services By CQR