Explore all Exploits:

Simple Student Attendance System – Time Based Blind SQL Injection

The Simple Student Attendance System v1.0 is vulnerable to a Time Based Blind SQL Injection. An attacker can exploit this vulnerability by sending a crafted POST request with a malicious payload to the 'id' parameter in the delete_student function of the actions.class.php file. This allows the attacker to perform unauthorized SQL queries, potentially leading to data leakage or manipulation. This exploit has been tested using the sqlmap tool.

POC-CVE-2023-3244

The Comments Like Dislike plugin for WordPress <= 1.2.0 allows unauthorized modification of data due to a missing capability check on the restore_settings function called through an AJAX action. Authenticated attackers with minimal permissions, such as subscribers, can reset the plugin's settings. The issue was only partially patched in version 1.2.0, making the nonce still accessible to subscriber-level users.

Maxima Max Pro Power BLE Traffic Replay Vulnerability

An attacker can send crafted HEX values to a specific GATT Characteristic handle on the Maxima Max Pro Power smartwatch to perform unauthorized actions such as changing the time display format, updating the time, and triggering notifications. Due to the lack of integrity checks, an attacker can sniff values on one smartwatch and replay them on another, leading to unauthorized actions.

Petrol Pump Management Software v.1.0 – Stored Cross Site Scripting via SVG file

A Stored Cross Site Scripting vulnerability in Petrol Pump Management Software v.1.0 allows attackers to execute malicious code by uploading a crafted payload to the 'Image' parameter in the 'profile.php' component. By uploading an 'xss.svg' file, an attacker can inject arbitrary scripts into the application.

AC Repair and Services System v1.0 – Multiple SQL Injection

The AC Repair and Services System v1.0 is vulnerable to SQL injection attacks due to improper input validation. An attacker can manipulate the SQL queries to execute arbitrary SQL commands, leading to unauthorized access to the database or data manipulation. This vulnerability has been demonstrated using the sqlmap tool to perform time-based blind SQL injection attacks.

Juniper SRX Firewalls & EX Switches Remote Code Execution (Pre-Authentication)

The exploit code serves as a vulnerability checker and proof of concept for CVE-2023-36845. It triggers the phpinfo() function on the login page of the target device, enabling inspection of the PHP configuration. The script also provides the option to save the phpinfo() output for further analysis.

RoyalTSX 6.0.1 RTSZ File Handling Heap Memory Corruption PoC

The RoyalTSX application version 6.0.1.1000 for macOS crashes due to a heap memory corruption issue. Specifically, the crash occurs when the SecureGatewayHost object in RoyalTSXNativeUI processes a hostname string of approximately 1600 bytes and the 'Test Connection' function is activated. This results in an instant crash of the application.

Electrolink FM/DAB/TV Transmitter (controlloLogin.js) Credentials Disclosure

Electrolink FM/DAB/TV Transmitter devices are prone to a credentials disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information such as login credentials. This vulnerability affects multiple versions of the Electrolink transmitters including Compact DAB Transmitter, Medium DAB Transmitter, High Power DAB Transmitter, Compact FM Transmitter, Modular FM Transmitter, Digital FM Transmitter, VHF TV Transmitter, and UHF TV Transmitter.

WebCatalog 48.4 – Arbitrary Protocol Execution

WebCatalog before version 48.8 is vulnerable to arbitrary protocol execution due to calling the Electron shell.openExternal function without proper verification of the URL, allowing an attacker to execute code through arbitrary protocols on the victim's machine by tricking users into syncing pages with malicious URLs. This could result in bypassing security measures for malicious file delivery.

Simple Inventory Management System v1.0 – SQL Injection Vulnerability

The Simple Inventory Management System v1.0 is susceptible to SQL Injection. The user inputs ($_POST['email'] and $_POST['pwd']) are directly inserted into the SQL query without adequate validation or sanitization, enabling potential manipulation by malicious users. This could lead to the injection of SQL code through specially crafted input, posing a significant security risk.
