ATutor 2.2.4 is vulnerable to SQL Injection in the 'id' parameter of the admin_delete.php page. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with a malicious 'id' parameter. This can be exploited with SQLMAP by supplying a valid User-Agent and the appropriate cookies.
This exploit allows an attacker to remotely access the configuration of SecuSTATION SC-831 HD Camera. The exploit uses a GET request to the camera's cgi-bin/config.bin endpoint to retrieve the configuration file.
The Candid ATS Web application is vulnerable to CSRF to add a new admin user. A proof of concept is provided in the text, which includes a form with hidden inputs that can be used to add a new admin user.
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target SMB Server or SMB Client. To exploit the vulnerability against an SMB Server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 Server. To exploit the vulnerability against an SMB Client, an unauthenticated attacker would need to configure a malicious SMBv3 Server and convince a user to connect to it.
This exploit allows an attacker to remotely access the configuration of the ESCAM QD-900 WIFI HD Camera. The exploit uses an HTTP request to access the configuration of the camera, which includes the username and password. The exploit is written in Perl and uses the HTTP::Request and LWP::UserAgent modules.
GUnet OpenEclass <= 1.7.3 E-learning platform is vulnerable to an unauthenticated blind SQL injection vulnerability in the 'uname' post parameter. An attacker can exploit this vulnerability by sending a specially crafted request with a time-based blind SQLi payload and measuring the response time. If the response time is greater than 5 seconds, then the application is vulnerable.
Avaya IP Office version 11.0.0.0 and before has a vulnerable login page (username) which is susceptible to cross-site scripting (XSS) via a POST request due to improper sanitization of user input. XSS via a post request allows for arbitrary code to be executed on the client’s system in the security context of the browser. By submitting a specially crafted username, it is possible to execute arbitrary JavaScript.
A Cross-Site Request Forgery (CSRF) vulnerability exists in Easy2Pilot 7, which allows an attacker to add a new user to the application. An attacker can craft a malicious HTML page and send it to the victim, when the victim visits the page, the malicious code will be executed and a new user will be added to the application.
An information disclosure vulnerability exists when Centaur and TitanSMA fail to properly protect critical system logs such as 'syslog'. Additionally, the implemented Jetty version (9.4.z-SNAPSHOT) suffers from a memory leak of shared buffers that was (supposedly) patched in Jetty version 9.2.9.v20150224. As seen in the aforementioned products, the 'patched' version is still vulnerable to the buffer leakage. Chaining these vulnerabilities allows an unauthenticated adversary to remotely send malicious HTTP packet requests and retrieve sensitive information from the device's memory.
Free Script For Sell Charging Cards and Virtual Products. Vulnerable file: /include/libs/nusoap.php. POST /include/libs/nusoap.php payload : a74ad8dfacd4f985eb3977517615ce25=system('uname -a');
Services By CQR