NetPCLinker 1.0.0.0 is vulnerable to a buffer overflow vulnerability when a long string is entered into the 'DNS/IP' field of the 'Add Client' dialog. This can be exploited to execute arbitrary code by an attacker.
An issue was discovered in CMSUno before 1.6.1. uno.php allows CSRF to change the admin password. The PoC code provided allows an attacker to submit a request to the uno.php page with a new admin password.
When a service is created whose executable path contains spaces and isn't enclosed within quotes, leads to a vulnerability known as Unquoted Service Path which allows a user to gain SYSTEM privileges.
Wing FTP Server have a web console based on Lua language. For authenticated users, this console can be exploited to obtaining a reverse shell. Generate a payload using msfvenom and send and execute it via POST.
Infor Storefront B2B 1.0 is vulnerable to SQL injection via the 'usr_name' and 'itm_id' parameters. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request containing a SQL injection payload. This can be done by appending a single quote character followed by a semicolon and a double dash to the end of the parameter value. This will cause the application to execute the malicious payload, allowing an attacker to gain access to the underlying database.
Online Farm Management System 0.1.0 is vulnerable to Persistent Cross-Site Scripting. An attacker can inject malicious JavaScript code into the review page of the application. This code will be executed in the browser of the victim when the page is loaded. The malicious code can be used to steal the session of the victim, redirect the victim to a malicious website, or perform other malicious activities.
An authentication bypass vulnerability exists in Web Based Online Hotel Booking System 0.1.0. An attacker can exploit this vulnerability by sending a specially crafted payload to the loginauth.php page. The payload consists of a username and password of '1' or 1 = 1 LIMIT 1#. This will bypass the authentication and allow the attacker to access the dashboard.php page.
As a result of the research, one vulnerability identified. (Directory Traversal) Technical information is provided below step by step. Vulnerable Parameter Type: GET Vulnerable Parameter: TARGET/Zyxel/images/eaZy/ Proof of Concepts:https://TARGET/Zyxel/images/eaZy/ <https://target/Zyxel/images/eaZy/>
The Administrator section of the Surveillance module in Global RADAR - BSA Radar 1.6.7234.X and lower allows users to download transaction files. When downloading the files, a user is able to view local files on the web server by manipulating the FileName and FilePath parameters in the URL, or while using a proxy. This vulnerability could be used to view local sensitive files or configuration files on the backend server.
Park Ticketing Management System 1.0 is vulnerable to authentication bypass due to lack of sanitization of the $adminuser variable in the index.php file. An attacker can exploit this vulnerability by sending a specially crafted POST request with the username set to ' or '1'='1'# and any password. This will bypass the authentication and allow the attacker to gain access to the application.
Services By CQR