Lansweeper 6.0.x through 7.2.x installs by default with the built-in admin account enabled and its password left at the default, unless "Built-in admin" is manually unchecked during setup. Anyone who can log in to the web console with that account can execute commands on managed hosts through the Add New Package and Scheduled Deployments features, so a default credential turns directly into remote command execution. Installations that kept the option ticked should disable the built-in account or set a strong password for it.
This product is unprotected against cross-site request forgery (CSRF). State-changing actions in the application interface are accepted from plain HTTP requests without any check (anti-CSRF token, Origin/Referer validation) that the request was intentionally issued from the application's own pages. An attacker exploits this by crafting an HTML page that contains a form whose fields are pre-filled with malicious values and whose action points at the vulnerable application; when a logged-in user visits that page, the browser submits the form together with the user's session cookies, and the action is performed on the user's behalf without their knowledge.
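The check the description says is missing, as an added Python example that is not the product's code: a state-changing request is accepted only if it is same-origin and carries the session's anti-CSRF token. The origin app.example, the session class, the field names and the forged page are all constructed for the demonstration.

```python
import hmac
import secrets
from typing import Mapping, Optional

# Constructed origin for the demonstration; the page names no host.
SITE_ORIGIN = "https://app.example"


class Session:
    """Minimal server-side session owning one random anti-CSRF token."""

    def __init__(self) -> None:
        self.csrf_token = secrets.token_urlsafe(32)


def same_origin(header_value: Optional[str]) -> bool:
    """True if an Origin (scheme://host) or Referer (full URL) value points at our own site."""
    if not header_value:
        return False
    return header_value == SITE_ORIGIN or header_value.startswith(SITE_ORIGIN + "/")


def is_csrf_safe(session: Session, method: str,
                 headers: Mapping[str, str], form: Mapping[str, str]) -> bool:
    """Accept a state-changing request only if it is same-origin AND carries the session token."""
    if method.upper() in ("GET", "HEAD", "OPTIONS"):
        return True  # safe methods must not change state, so there is nothing to protect
    # Browsers attach Origin to cross-site POSTs; fall back to Referer for older clients.
    if not same_origin(headers.get("Origin") or headers.get("Referer")):
        return False
    supplied = form.get("csrf_token", "").encode()
    return hmac.compare_digest(supplied, session.csrf_token.encode())


def forged_page(action_url: str, fields: Mapping[str, str]) -> str:
    """The attacker's page from the description: a hidden form the victim's browser auto-submits."""
    inputs = "".join(f'<input type="hidden" name="{k}" value="{v}">' for k, v in fields.items())
    return ('<html><body onload="document.forms[0].submit()">'
            f'<form method="POST" action="{action_url}">{inputs}</form></body></html>')


def demo() -> dict:
    """Run the check against a legitimate request and three forged variants (all constructed)."""
    session = Session()
    change = {"email": "attacker@evil.example"}
    cases = {
        # Form rendered by our own page, token embedded in it.
        "legit": ("POST", {"Origin": SITE_ORIGIN}, {**change, "csrf_token": session.csrf_token}),
        # Victim's browser submits the forged page: cookies ride along, Origin is the attacker's.
        "forged_cross_site": ("POST", {"Origin": "https://evil.example"}, change),
        # Origin stripped (privacy extension) and no token: still rejected.
        "no_origin_no_token": ("POST", {}, change),
        # Attacker guessed the token format but not the value.
        "wrong_token": ("POST", {"Origin": SITE_ORIGIN}, {**change, "csrf_token": "A" * 43}),
    }
    return {name: is_csrf_safe(session, *args) for name, args in cases.items()}
```

The two checks are deliberately independent: the token defends against a forged page even when the Origin header is absent, and the origin check catches a leaked or guessed token. Both are pointless if the application performs changes on GET, which is why the function lets safe methods through unchecked.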
The vulnerable file is category.php, whose 'id' parameter is placed into an SQL query without sanitization or parameterization. The flaw can be confirmed by appending a single quote to the id value in 'http://TARGET/resblog/category.php?id=1', which produces an SQL error, and exploited with sqlmap against the same URL using the --dbs --batch options to enumerate the databases.
To exploit the vulnerability, an attacker can send the request 'https://[HOST]/server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../' to read files from the target. The firmware parameter is used as a file path without being confined to the firmware directory, so the repeated ../ segments climb to the filesystem root and the handler returns whatever file is named beneath it (directory traversal leading to arbitrary file read with the service's privileges).
To exploit the vulnerability, an attacker can send a request such as "http://[server]:8090/access/setup?type="</script><script>alert('xss');</script><script>". The shape of the payload shows that the type value is reflected inside a script element without encoding: the leading quote and </script> terminate the string and the element, and the injected script executes in the browser of any user who opens the crafted link or a third-party page that embeds it (reflected XSS).
The /log endpoint on the same port reflects its type parameter in the same unencoded way: a request such as "http://[server]:8090/log?type="</script><script>alert('xss');</script><script>" closes the script element the value lands in and runs the injected script in the browser of any user who opens the crafted link or a third-party page that embeds it.
Odoo 12.0 is vulnerable to local file inclusion (LFI), in practice an arbitrary file read. The static-file handlers of the base_import, web and base modules do not confine the requested path to the module's static directory, so an attacker can send the requests 'base_import/static/c:/windows/win.ini', 'web/static/c:/windows/win.ini' or 'base/static/c:/windows/win.ini' to retrieve files from the target. The quoted payloads use an absolute Windows path, so they apply to Odoo running on Windows; no ../ sequence is needed, which is consistent with the absolute path being joined onto the static directory and discarding it.
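The path-handling mistake behind both the firmware= entry and the Odoo entry above, as an added Python example that is not either product's code: a naive join of the request onto the static root lets ../ segments climb out on POSIX and lets a c:/... path replace the root entirely on Windows, while a containment check rejects both. The roots /opt/app/static and C:\Odoo\addons\web\static are assumptions, not the real install paths.

```python
import ntpath
import posixpath
import re
from typing import Optional

# Assumed install paths for the demonstration; the page does not give the real ones.
STATIC_ROOT = "/opt/app/static"
WINDOWS_STATIC_ROOT = r"C:\Odoo\addons\web\static"

_DRIVE_LETTER = re.compile(r"^[A-Za-z]:")


def naive_resolve(requested: str) -> str:
    """Vulnerable shape on a POSIX host: join onto the root, normalise, never check containment."""
    return posixpath.normpath(posixpath.join(STATIC_ROOT, requested))


def naive_resolve_windows(requested: str) -> str:
    """Same vulnerable shape on Windows: an absolute second argument makes join() drop the root."""
    return ntpath.normpath(ntpath.join(WINDOWS_STATIC_ROOT, requested))


def safe_resolve(requested: str) -> Optional[str]:
    """Return the path to serve inside STATIC_ROOT, or None if the request would escape it."""
    if "\x00" in requested or "\\" in requested or _DRIVE_LETTER.match(requested):
        return None  # NUL truncation, backslash separators, or a c:/... drive path
    relative = requested.lstrip("/")  # the request is always relative to the root, never absolute
    candidate = posixpath.normpath(posixpath.join(STATIC_ROOT, relative))
    if candidate != STATIC_ROOT and not candidate.startswith(STATIC_ROOT + "/"):
        return None  # normalised path climbed above the root via ../ segments
    return candidate
```

Call safe_resolve with the URL-decoded value (so %2e%2e%2f is seen as ../), and before opening the file resolve symlinks with os.path.realpath and repeat the containment check, since normpath works on the string alone and knows nothing about links inside the static tree.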
This exploit executes arbitrary commands on a vulnerable Student Enrollment 1.0 system. It is triggered by a specially crafted HTTP POST request to the register.php page whose 'cmd' parameter carries the operating-system command to run; the application passes that value to the system without validation, so it executes with the privileges of the web server process.
To exploit the vulnerability, an attacker can upload a file of an allowed type whose name is "><img src=x onerror=prompt(document.domain)>. The file name is later rendered into the page without HTML encoding, so the leading "> closes the attribute and tag it is written into, and the injected <img> element fires its onerror handler in the browser of every user who opens that page (stored XSS through the file name).
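The two reflection contexts in the type= entries and in this file-name entry, as an added Python example that is not any of the products' code: the same payloads rendered raw beside a context-appropriate encoding (a JS string literal that cannot close the script element, and HTML entities for the file name). The surrounding markup is an assumed shape, not the real pages.

```python
import html
import json

# The two payloads quoted in the entries above; the rendering around them is constructed.
SCRIPT_PAYLOAD = "\"</script><script>alert('xss');</script><script>"
FILENAME_PAYLOAD = '"><img src=x onerror=prompt(document.domain)>'


def render_type_vulnerable(type_value: str) -> str:
    """Assumed shape of the /access/setup and /log pages: ?type= reflected into a JS string as-is."""
    return f'<script>var type = "{type_value}";</script>'


def js_string_literal(value: str) -> str:
    """Encode a value as a JS string literal that cannot terminate the enclosing <script>."""
    literal = json.dumps(value)           # escapes quotes, backslashes, control and non-ASCII chars
    return literal.replace("</", "<\\/")  # the HTML parser ends script data at '</script', not at JS syntax


def render_type_safe(type_value: str) -> str:
    return f"<script>var type = {js_string_literal(type_value)};</script>"


def render_upload_row_vulnerable(filename: str) -> str:
    """Assumed shape of the upload listing: the client-supplied file name written raw into HTML."""
    return f'<li><a href="/uploads/{filename}">{filename}</a></li>'


def render_upload_row_safe(filename: str) -> str:
    """Entity-encode for both the attribute and the text node; quote=True covers the attribute."""
    encoded = html.escape(filename, quote=True)
    return f'<li><a href="/uploads/{encoded}">{encoded}</a></li>'


def script_breakout(markup: str) -> bool:
    """True if the payload ended the script element early: more closing tags than the one we wrote."""
    return markup.count("</script>") > 1


def injected_element(markup: str) -> bool:
    """True if a new element tag appears where only text was expected."""
    return "<img" in markup.lower()


def roundtrips(value: str) -> bool:
    """The safe literal still decodes to the original value (backslash-slash is a legal JSON escape)."""
    return json.loads(js_string_literal(value)) == value
```

Entity encoding is the right fix for the listing, but an upload handler should not reuse the client's file name at all: store the file under a generated name and keep the original only as display data. The href in the safe row would additionally need URL path encoding in a real page; the example keeps to the HTML-injection point the entries describe.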
The username and password parameters of the admin login panel are vulnerable to SQL injection: both values are concatenated into the authentication query without sanitization or parameterization, which typically allows authentication bypass (for example by commenting out the password check from the username field) and, depending on the database, extraction of its contents.
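Both injection points on this page, the category.php id parameter and the login fields here, in one added Python example against an in-memory SQLite database (constructed schema, not either application's code): the concatenated queries beside their parameterized replacements, including the single-quote probe the category.php entry describes.

```python
import sqlite3
from typing import List, Tuple


def make_db() -> sqlite3.Connection:
    """Constructed in-memory schema standing in for the blog and admin tables (not the real apps')."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE category (id INTEGER PRIMARY KEY, name TEXT);
        INSERT INTO category VALUES (1, 'news'), (2, 'internal'), (3, 'drafts');
        CREATE TABLE admin (username TEXT, password TEXT);
        INSERT INTO admin VALUES ('admin', 's3cret');
    """)
    return conn


def category_vulnerable(conn, id_param: str) -> List[Tuple[int, str]]:
    """category.php shape: the raw id parameter is pasted into the query text."""
    return conn.execute(f"SELECT id, name FROM category WHERE id = {id_param}").fetchall()


def category_safe(conn, id_param: str) -> List[Tuple[int, str]]:
    """Hardened: enforce the expected type, then bind the value as a parameter."""
    try:
        category_id = int(id_param)
    except ValueError:
        return []
    return conn.execute("SELECT id, name FROM category WHERE id = ?", (category_id,)).fetchall()


def quote_causes_sql_error(conn, id_param: str) -> bool:
    """The single-quote probe from the text: True if the database rejects the malformed query."""
    try:
        category_vulnerable(conn, id_param)
    except sqlite3.OperationalError:
        return True
    return False


def login_vulnerable(conn, username: str, password: str) -> bool:
    """Admin login shape: both fields concatenated into the WHERE clause."""
    sql = f"SELECT username FROM admin WHERE username = '{username}' AND password = '{password}'"
    return conn.execute(sql).fetchone() is not None


def login_safe(conn, username: str, password: str) -> bool:
    """Hardened: bound parameters; quotes and comment markers are just characters in the value."""
    row = conn.execute("SELECT username FROM admin WHERE username = ? AND password = ?",
                       (username, password)).fetchone()
    return row is not None
```

With the vulnerable functions, id=1 OR 1=1 returns every category and admin' -- in the username field logs in without a password; with the bound-parameter versions the same strings match nothing. The plaintext password column is a simplification of the toy schema only; a real login should compare a salted hash, which is a separate issue from the injection.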