Explore Vulnerabilities

HiSilicon video encoders – RCE via unauthenticated upload of malicious firmware

This exploit allows an attacker to execute arbitrary code on vulnerable HiSilicon video encoders by uploading a malicious firmware file. The exploit creates a RAR file containing the malicious code and then uploads it to the vulnerable device. The exploit has been tested on Linux.

HiSilicon video encoders – RCE via unauthenticated command injection

A vulnerability in HiSilicon video encoders allows an unauthenticated attacker to execute arbitrary commands on the device. This vulnerability affects multiple vendors, including URayTech, J-Tech Digital, and ProVideoInstruments. The vulnerability is caused by insufficient input validation of user-supplied data, which allows an attacker to inject arbitrary commands into the device.

HiSilicon video encoders – unauthenticated file disclosure via path traversal

This exploit allows an unauthenticated attacker to read arbitrary files on the vulnerable HiSilicon video encoders. The vulnerability is caused by a path traversal issue in the web server, which allows an attacker to access files outside of the web root directory. The vulnerability affects versions up to 1.97 of the HiSilicon video encoders.

Online Job Portal 1.0 Cross Site Scripting (Stored)

A Cross Site Scripting (Stored) vulnerability exists in Online Job Portal 1.0 which allows an attacker to inject malicious JavaScript code into the application. An attacker can exploit this vulnerability by crafting a malicious payload and submitting it to the application. The payload will be stored in the application and will be executed when the page is loaded.

Online Discussion Forum Site 1.0 – XSS in Messaging System

The messaging subsystem in the Online Discussion Forum is vulnerable to XSS in the message body. The payload executes when viewing the messages page: http://localhost/Online%20Discussion%20Forum%20Site/messages.php. XSS can be done through the messaging interface: go to http://localhost/Online%20Discussion%20Forum%20Site/messages.php, select 'Send New Message', search for the user to send the message to, click the 'Send Message' button next to the user, and add the JavaScript in the message body. Alternatively, if you know the user id you can send the message directly through the tt parameter of http://localhost/Online%20Discussion%20Forum%20Site/messageH.php.

Online Student’s Management System 1.0 – Remote Code Execution (Authenticated)

An authenticated user can upload a malicious shell file to the 'my-profile.php' page of the Online Student's Management System 1.0. The malicious shell file can then be accessed at the 'staffphoto/shell.php' URL.

CS-Cart unauthenticated LFI

An unauthenticated LFI vulnerability exists in CS-Cart versions prior to 1.3.4. An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable server. The request contains a malicious classes_dir parameter which can be used to read arbitrary files from the server.