Login to the application and create an HTML file using the code provided. Open the HTML page in the browser and click on 'Submit Request'. This will cause the modem to reboot.
This exploit allows an attacker to execute arbitrary commands on a vulnerable Oracle WebLogic Server instance via a GET request. The exploit works by sending a specially crafted request to the server, which contains a malicious payload that is executed by the server. The payload is a Java expression that is evaluated by the server and executed as a command.
Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL. An URL Encoded version of the payload is %22%61%63%63%65%73%73%6b%65%79%3d%22%78%22%6f%6e%63%6c%69%63%6b%3d%22%61%6c%65%72%74%60%58%53%53%60%22. In order to trigger the alert, the victim has to press the following buttons ALT+SHIFT+X where X is an arbitrary button inserted as accesskey attribute in the payload.
A stored cross-site scripting vulnerability exists in Online Examination System 1.0, which allows an attacker to inject malicious JavaScript code into the 'name' field of the sign up form. This code is then stored in the database and is reflected each time a user logs in with their credentials.
This vulnerability could permit executing code during startup or reboot with the escalated privileges.
This vulnerability could permit executing code during startup or reboot with the escalated privileges.
A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.
A Directory Traversal vulnerability has been discovered in the 'getPreviewImage' function of Oracle Business Intelligence Enterprise Edition. The 'getPreviewImage' function is used to get a preview image of a previously uploaded theme logo. By manipulating the 'previewFilePath' URL parameter an attacker with access to the administration interface is able to read arbitrary system files.
The DhcpClient method of the d-bus interface to blueman-mechanism is prone to an argument injection vulnerability. On systems where the isc-dhcp-client package is removed and the dhcpcd package installed, this leads to Local Privilege Escalation to root from any unprivileged user. Also on default installations with isc-dhcp-client installed, this can lead to DoS attacks by bringing any interface down or allows users to attach XDP objects to an interface.
There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an unprivileged user can check for the existence of any files on the system as root.
Services By CQR