Explore Vulnerabilities

Explore all Exploits:

IDT PC Audio 1.0.6499.0 – ‘STacSV’ Unquoted Service Path

A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.

Composr CMS 10.0.34 – ‘banners’ Persistent Cross Site Scripting

Composr CMS 10.0.34 is vulnerable to persistent cross-site scripting (XSS) in the 'banners' feature. An attacker can inject malicious JavaScript code into the 'Description' field of the 'Add banner' feature, which will be executed in the browser of any user who visits the website.

Sony BRAVIA Digital Signage 1.7.8 – System API Information Disclosure

Sony's BRAVIA Signage is an application to deliver video and still images to Pro BRAVIAs and manage the information via a network. The application is vulnerable to sensitive information disclosure. An unauthenticated attacker can visit several API endpoints and disclose information running on the device.

Sony BRAVIA Digital Signage 1.7.8 – Unauthenticated Remote File Inclusion

Sony's BRAVIA Signage is an application to deliver video and still images to Pro BRAVIAs and manage the information via a network. BRAVIA digital signage is vulnerable to remote file inclusion (RFI): arbitrary client-side dynamic scripts (JavaScript, VBScript, HTML) can be included when adding content through the input URL material of type html. This allows hijacking the current session of the user, executing cross-site scripting code, or changing the look of the page and modifying content on the current display.

Online Matrimonial Project 1.0 – Authenticated Remote Code Execution

Marital - Online Matrimonial Project in PHP version 1.0 suffers from a file upload vulnerability that allows remote attackers to gain remote code execution (RCE) on the hosting web server by uploading a maliciously crafted PHP file. An authenticated but unprivileged user (anyone can register a user for free) is able to upload an arbitrary file through the upload form used to send profile pictures; if the file is a PHP script, it can be executed.

EgavilanMedia Address Book 1.0 Exploit – SQLi Auth Bypass

An attacker can gain admin panel access using malicious SQL injection queries. Steps to reproduce:

1. Open the admin login page using the following URL: http://localhost/Address%20Book/login.php
2. Put the payload below in both fields (User ID and Password). Payload: admin' or '1'='1
3. The server accepted our payload and we bypassed cpanel without any credentials.

Coastercms 5.8.18 – Stored XSS

Coastercms 5.8.18 is vulnerable to stored XSS. An attacker can inject malicious JavaScript code into the vulnerable parameter “Edit Page tab”. This code will be stored in the database and will be executed when a user visits the page. The malicious code can be used to steal the user’s cookie, redirect the user to a malicious website, etc.

WordPress Plugin Wp-FileManager 6.8 – RCE

The core of the issue began with the File Manager plugin renaming the extension on the elFinder library’s connector.minimal.php.dist file to .php so it could be executed directly, even though the connector file was not used by the File Manager itself. Such libraries often include example files that are not intended to be used “as-is” without adding access controls, and this file had no direct access restrictions, meaning the file could be accessed by anyone. This file could be used to initiate an elFinder command and was hooked to the elFinderConnector.class.php file. Using the connector.minimal.php file, an unauthenticated attacker can upload an arbitrary file to the target and thus achieve remote code execution.

Car Rental Management System 1.0 – SQL Injection / Local File include

Car Rental Management System 1.0 is vulnerable to SQL Injection and Local File Inclusion. An attacker can exploit this vulnerability to gain access to the database information and execute malicious code on the server. The vulnerable page for SQL Injection is http://localhost/carRental/index.php?page=view_car&id=4 and for Local File Inclusion is http://localhost/carRental/index.php?page=about and http://localhost/carRental/admin/index.php?page=movement. The proof of concept for Local File Inclusion is http://localhost/carRental/index.php?page=php://filter/convert.base64-encode/resource=home and http://localhost/carRental/admin/index.php?page=php://filter/convert.base64-encode/resource=db_connect.
