Exploits the 'Report File' buffer when sending an e-mail report via the Report wizard. Entering an overly long string results in a crash that overwrites the SEH.
An authenticated remote code execution vulnerability exists in Pandora FMS 7.0NG in the 'net_tools.php' file. The vulnerability is due to the lack of proper input validation when handling user-supplied data. An attacker can exploit this vulnerability by sending a malicious payload to the vulnerable file. This will allow the attacker to execute arbitrary code on the vulnerable system.
This vulnerability exists in the 'add_panel_form()' function of the 'panels.php' file. In line 527, an 'eval' tag is present which allows for code execution. In line 532, a POST request is made which allows for Cross Site Scripting.
Exploits the 'Force Check' option when listing the Host Checks in option 'Check List'. Entering an overly long string results in a crash that overwrites the SEH.
Grandstream UCM6200 Series CTI Interface is affected by a SQL injection vulnerability in the 'user_password' parameter. An attacker can exploit this vulnerability to gain access to the user's password.
A vulnerability in DrayTek Vigor2960, Vigor3900, and Vigor300B routers allows an unauthenticated attacker to execute arbitrary code with root privileges. This vulnerability is due to improper validation of user-supplied input in the web management page. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the web management page. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code with root privileges.
CVE-2020-0796 is a vulnerability in the Microsoft Server Message Block 3.1.1 (SMBv3) protocol that can allow an unauthenticated attacker to execute arbitrary code on the target system. The vulnerability is caused by a memory corruption issue in the SMBv3 protocol, which can be triggered by sending a specially crafted packet to a targeted SMBv3 server. The vulnerability affects Windows 10 versions 1903 and 1909, Windows Server versions 1903 and 1909, and Windows Server version 2004.
Zen Load Balancer 3.10.1 is vulnerable to remote code execution. An attacker can send a malicious XML payload to the vulnerable server to execute arbitrary code. This exploit was discovered by Cody Sixteen and was tested on Linux.
Exploits the functionality to load a list of computers from a file. Some DLLs and the main EXE don't rebase, which allowed for some instruction reuse for ROP. Used a jump after ROP to go to a buffer for more space.
A directory traversal vulnerability exists in Joomla! com_fabrik 3.9.11 due to insufficient sanitization of user-supplied input in the 'folder' parameter of the 'onAjax_files' function in the 'fabrik_element/image/image.php' script. An attacker can exploit this vulnerability to read arbitrary files from the server.