
Explore Vulnerabilities


Explore all Exploits:

Seowon SlC 130 Router – Remote Code Execution

A user can run arbitrary commands on the router as root due to hardcoded credentials. The credentials are VIP/V!P83869000, Root/PWDd0N~WH*4G#DN, root/gksrmf28, and admin/admin.

PNPSCADA 2.200816204020 – ‘interf’ SQL Injection (Authenticated)

PNPSCADA 2.200816204020 allows SQL Injection via parameter 'interf' in /browse.jsp. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Savsoft Quiz 5 – Stored Cross-Site Scripting

This vulnerability allows an attacker to inject an XSS payload in the User Registration section. Each time the admin visits the manage user section of the admin panel, the XSS triggers and the attacker is able to steal the cookie, depending on the crafted payload.

Pharmacy Medical Store and Sale Point 1.0 – ‘catid’ SQL Injection

The 'catId' parameter is vulnerable to time-based blind SQL injection at the path '/medical/inventeries.php?catID=1', which leads to retrieval of all databases.

QiHang Media Web Digital Signage 3.0.9 – Unauthenticated Arbitrary File Disclosure

The application suffers from an unauthenticated file disclosure vulnerability: input passed through the 'filename' parameter when using the download action, or through the 'path' parameter when using the getAll action, is not properly verified before being used. This can be exploited to disclose contents of files and directories from local resources.

QiHang Media Web Digital Signage 3.0.9 – Unauthenticated Arbitrary File Deletion

Input passed to the 'data' parameter in 'QH.aspx' for delete action is not properly sanitised before being used to delete files. This can be exploited by an unauthenticated attacker to delete files with the permissions of the web server using their absolute path or via directory traversal sequences passed within the affected POST parameter.

QiHang Media Web Digital Signage 3.0.9 – Cleartext Credential Disclosure

The application suffers from a cleartext credential disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file, '/xml/User/User.xml', and obtain administrative login information that allows for a successful authentication bypass attack.

Microsoft SharePoint Server 2019 – Remote Code Execution

An unauthenticated attacker can exploit a vulnerability in Microsoft SharePoint Server 2019 to execute arbitrary code on the server. The vulnerability exists due to the way SharePoint handles deserialization of user-supplied data. An attacker can send a specially crafted request to the server to exploit the vulnerability and execute arbitrary code on the server.

Recent Exploits: