A insufficient session validation vulnerability has been discovered in the VestaCP v0.9.8-26 web-application. The vulnerability allows remote attackers to bypass the authentication process of the web-application to gain access to the restricted user accounts. The security risk of the vulnerability is estimated as medium with a cvss (common vulnerability scoring system) count of 8.3. Exploitation of the vulnerability requires no user interaction or privileged web-application user account. Successful exploitation of the vulnerability results in session hijacking, persistent phishing attacks, persistent external redirects to malicious source and persistent manipulation of affected or connected web-application module context.
Employee Performance Evaluation System 1.0 is vulnerable to Persistent Cross Site Scripting. An attacker can exploit this vulnerability by logging in with Admin Credentials and clicking on 'Task' button. Then, clicking on Add New Task Button and adding the payload 'ritesh"><img src=x onerror=alert(document.domain)>' into the input field of Task and Description. When the attacker clicks on Save, the XSS payload is triggered.
The SQL payload gets executed and authorization is bypassed successfully.
Dup Scout Enterprise 10.0.18 is vulnerable to a remote buffer overflow vulnerability. The vulnerability exists in the 'online_registration' web service, which is enabled by default. An attacker can exploit this vulnerability by sending a specially crafted POST request with an overly long string in the 'Content-Length' header. This will cause a buffer overflow, allowing the attacker to execute arbitrary code on the target system.
An attacker can exploit a Cross Site Scripting vulnerability in vBulletin 5.6.3 by navigating to the Admin CP, clicking on Styles, clicking Style Manager, choosing a theme, and choosing the action 'Add new template'. The attacker can then put a title and template of '1' and click 'Save and Reload'. This will generate a new URL which can be tested with different browsers. If the attacker adds a malicious script to the URL, they can execute a Cross Site Scripting attack.
This vulnerability can results attacker to inject the XSS payload in User Registration section and each time admin visits the manage user section from admin panel, and home page too. XSS triggers and attacker can able to steal the cookie according to the crafted payload.
RarmaRadio 2.72.5 is vulnerable to Denial of Service attack. An attacker can create a new .txt file with a large amount of data and paste the content in the field Username, Address and Server and click in OK to crash the application.
TapinRadio 2.13.7 is vulnerable to Denial of Service attack. An attacker can create a new .txt file with a buffer of 20000 'K' characters and paste the content in the field Username and Address in the Preferences option of the program. After clicking in OK, the program will crash and the user will need to uninstall and install again the program.
Kite 1.2020.1119.0 is vulnerable to an unquoted service path vulnerability. This vulnerability can be exploited by an attacker to gain elevated privileges on the system. The vulnerability exists because the KiteService service is installed with an unquoted service path. An attacker can exploit this vulnerability by placing malicious files in the same directory as the service executable and then executing them with elevated privileges.
This vulnerability can results attacker to inject the XSS payload in admin username and each time any user will visits the website, the XSS triggers and attacker can able to steal the cookie according to the crafted payload.
Services By CQR