Bludit version 3.9.2 is vulnerable to an authentication brute-force mitigation bypass. This vulnerability allows an attacker to bypass the application's brute-force protection mechanism and brute-force the login page. The vulnerability is due to the application not properly validating the X-Forwarded-For header. An attacker can send a crafted X-Forwarded-For header with a valid username and an invalid password to bypass the brute-force protection mechanism.
Cross-Site Request Forgery (CSRF) vulnerability in the Multi User v1.8.2 plugin for GetSimple CMS allows remote attackers to add an Admin user when an authenticated admin visits a third-party site.
A vulnerability in Artica Proxy 4.3.0 allows an attacker to bypass authentication by sending a crafted payload to the /fw.login.php?apikey= endpoint. This allows an attacker to gain access to the web interface and execute arbitrary commands.
vBulletin 5.5.4 through 5.6.2 are vulnerable to a remote code execution vulnerability caused by incomplete patching of the previous 'CVE-2019-16759' RCE. This logic bug allows for a single pre-auth request to execute PHP code on a target vBulletin forum.
CMS Made Simple 2.2.14 allows Authenticated Arbitrary File Upload because the File Manager does not block .ptar and .phtml files. A malicious user can achieve remote code execution by creating a .phtml or .ptar file containing a malicious PHP payload, uploading it in the 'File Manager' module, and clicking on the uploaded file.
Fuel CMS 1.4.7 allows SQL Injection via the 'col' parameter in pages/items, permissions/items, navigation/items and logs/items. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
A successful attempt to exploit this vulnerability could allow an attacker to execute code during startup or reboot with elevated privileges.
A vulnerability in ManageEngine ADSelfService Plus could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability exists due to insufficient validation of user-supplied data. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted system. A successful exploit could allow the attacker to execute arbitrary code on the system with the privileges of the web server process.
Daily Expenses Management System 1.0 is vulnerable to SQL Injection in the 'item' parameter of the 'add-expense.php' file and the 'fullname' parameter of the 'user-profile.php' file. An attacker can exploit this vulnerability by sending a malicious payload to the vulnerable parameter. This payload can be used to extract sensitive information from the database.
The Victor CMS v1.0 application is vulnerable to SQL injection via the 'search' parameter on the search.php page. An attacker can send a malicious payload to the vulnerable parameter to gain access to the database. The payload used in this exploit is 1337'union+select+1,2,version(),database(),5,6,7,8,9,10 -- -. The sqlmap command used to exploit this vulnerability is sqlmap -u "http://example.com/CMSsite/search.php" --data="search=1337*&submit=" --dbs --random-agent -v 3.