
Explore Vulnerabilities


Explore all Exploits:

rConfig 3.9.4 – ‘searchField’ Unauthenticated Root Remote Code Execution

An unauthenticated attacker can exploit a vulnerability in rConfig 3.9.4 to gain root access to the system. The vulnerability exists in the 'searchField' parameter of the userprocess.php file, which allows an attacker to inject arbitrary code into the system. The attacker can then use this code to gain root access to the system.

Jinfornet Jreport 15.6 – Unauthenticated Directory Traversal

The Jreport Help function has a path traversal vulnerability in the SendFileServlet that allows remote unauthenticated users to view any file on the operating system with the permissions of the application service user. This vulnerability affects Windows and Unix operating systems.

Everest 5.50.2100 – ‘Open File’ Denial of Service (PoC)

Everest 5.50.2100 is vulnerable to a denial of service attack when a specially crafted file is opened. An attacker can exploit this vulnerability by running Python code to create a specially crafted file, copying its content to the clipboard, opening the 'Everest Ultimate Edition' application, selecting 'Informe' > 'Asistente de Informes' > 'Next' > 'Abrir Archivo', pasting the clipboard content into the 'Abrir Archivo' field, and selecting 'Next', at which point the application crashes.

ECK Hotel 1.0 – Cross-Site Request Forgery (Add Admin)

An unauthenticated user can create an admin user by sending a POST request to the index.php?module=user/user-add page with the necessary parameters. This allows an attacker to gain administrative privileges on the ECK Hotel 1.0-beta application.

Centreon 19.10.8 – ‘DisplayServiceStatus’ Remote Code Execution

An authenticated remote code execution vulnerability exists in Centreon 19.10.8. An attacker can exploit this vulnerability by sending a malicious payload to the 'DisplayServiceStatus' page. This allows the attacker to execute arbitrary code on the vulnerable system.

TP-Link Archer C50 3 – Denial of Service (PoC)

This exploit is for TP-Link Archer C50 v3 Build 171227. It is a denial of service attack which sends a malicious HTTP request to the target IP address. The request contains a 'Referer' header with the value 'thewhiteh4t'. This causes the router to crash and reboot.

10-Strike Network Inventory Explorer 8.54 – ‘Add’ Local Buffer Overflow (SEH)

10-Strike Network Inventory Explorer 8.54 is vulnerable to a local buffer overflow when maliciously crafted input is supplied to the 'Computer' parameter under the title 'Computer Card' in the 'Add' menu. This can be exploited to execute arbitrary code by overwriting the Structured Exception Handler (SEH) with a malicious payload.

10-Strike Network Inventory Explorer – ‘srvInventoryWebServer’ Unquoted Service Path

A successful attempt would require the local user to be able to insert their code in the system root path, undetected by the OS or other security applications, where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.

LeptonCMS 4.5.0 – Persistent Cross-Site Scripting

A stored cross-site scripting issue was discovered in the edit page feature of LeptonCMS 4.5.0. The vulnerable parameter is 'content' and the payload is `content=<script>alert('XSS')</script>`. The exploit was tested on Windows.

AVAST SecureLine 5.5.522.0 – ‘SecureLine’ Unquoted Service Path

A successful attempt would require the local user to be able to insert their code in the system root path, undetected by the OS or other security applications, where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.

Recent Exploits: