The PDW File Browser is a plugin for the TinyMCE and CKEditor WYSIWYG editors. The PDW File Browser contains a stored and Reflected XSS vulnerability which results in code execution within the browser of an authenticated user. This vulnerability can be exploited when an authenticated user visits the crafted URL (i.e. when phished or when visiting a website containing the URL). Stored XSS is a result of insufficient input sanitization within the 'rename' functionality within the PDW file browser. Reflected XSS is a result of insufficient input sanitization of the 'path' parameter when fetching the file specifications (file_specs.php).
InoERP 0.7.2 is vulnerable to unauthenticated remote code execution. An attacker can exploit this vulnerability by sending a malicious payload to the target server via a POST request to the json_fp.php file. This payload will execute arbitrary code on the target server.
Online Health Care System 1.0 is vulnerable to Cross Site Scripting (Stored) vulnerability. An attacker can inject malicious JavaScript code into the First Name and Last Name fields of the registration page. The malicious code will be stored in the database and will be executed when the user/doctor account is viewed on the admin panel or http://localhost/healthcare/admin/user_detail.php?id=<userid> address.
CMS Made Simple 2.1.6 is vulnerable to Server-Side Template Injection. An attacker can inject malicious code into the 'cntnt01detailtemplate' parameter of the vulnerable application and execute arbitrary commands on the server.
TextPattern is vulnerable to an authenticated remote code execution via unrestricted file upload. An attacker can exploit this vulnerability by uploading a malicious file to the target server and executing it. This vulnerability affects TextPattern versions <= 4.8.3.
This exploit is a python script which bypasses the authentication bruteforce mitigation of Bludit CMS version 3.9.2 and below. It takes the URL of the login page, username and password dictionaries as arguments and tries to brute force the login page. If successful, it prints a success message and exits.
A stored cross-site scripting vulnerability exists in the Gym Management System 1.0 web application. An attacker can exploit this vulnerability by injecting malicious JavaScript code into the Package Name and Description fields. When a user visits the page, the malicious code will be executed in the user's browser.
An authentication bypass vulnerability exists in Gym Management System 1.0. By sending a specially crafted request with payload jyot' or 1=1# in Username and Password field, an attacker can bypass authentication and gain access to the admin panel.
School Faculty Scheduling System 1.0 is vulnerable to SQL Injection. An attacker can inject malicious SQL queries via the 'username' parameter in the 'manage_user.php' page. By exploiting this vulnerability, an attacker can gain access to the database and can execute arbitrary SQL queries.
School Faculty Scheduling System 1.0 is vulnerable to SQL Injection. An attacker can inject malicious SQL queries via the 'id' parameter in the 'manage_user.php' page. By sending a specially crafted request, an attacker can extract the database name and MariaDB version.
Services By CQR