
Explore Vulnerabilities


Explore all Exploits:

eWON v13.0 Authentication Bypass

This script retrieves cleartext credentials from an eWON Flexy router. It combines two vulnerabilities: an authentication bypass (fixed in 13.1s0) and weak password encryption, allowing cleartext password retrieval for all users (fixed in 13.3s0).

AVCON6 systems management platform – OGNL – Remote root command execution

AVCON6 video conferencing system is vulnerable to remote root command execution due to improper input validation. An attacker can exploit this vulnerability by sending a specially crafted payload to the vulnerable server. This payload will execute arbitrary commands on the server with root privileges.

Windows 10 UAC Protection Bypass Via Windows Store (WSReset.exe) and Registry

This module exploits a flaw in the WSReset.exe file associated with the Windows Store. This binary has autoelevate privs, and it will run a binary file contained in a low-privilege registry location. By placing a link to the binary in the registry location, WSReset.exe will launch the binary as a privileged user.

Windows 10 UAC Protection Bypass Via Windows Store (WSReset.exe)

This module exploits a flaw in the WSReset.exe Windows Store Reset Tool. The tool is run with the 'autoElevate' property set to true; however, it can be moved to a new Windows directory containing a space (C:\Windows \System32\) where, upon execution, it will load our payload dll (propsys.dll).

WordPress Plugin Photo Gallery by 10Web <= 1.5.34 - Persistent Cross Site Scripting

XSS flaws occur whenever an application includes untrusted data in a new web page without proper validation or escaping, or updates an existing web page with user supplied data using a browser API that can create JavaScript. XSS allows attackers to execute scripts in the victim’s browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites.

Dolibarr ERP/CRM – Multiple SQL Injection

Dolibarr ERP/CRM is vulnerable to multiple SQL injection attacks. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious payloads in the actioncode parameter. This can allow the attacker to execute arbitrary SQL commands on the underlying database.

WordPress Plugin Sell Downloads 1.0.86 – Cross Site Scripting

A Cross-Site Scripting (XSS) vulnerability was discovered in the WordPress Plugin Sell Downloads 1.0.86. An attacker can inject malicious JavaScript code into the comment field of a product, which will be executed when the product page is viewed. This can be used to steal session cookies or perform other malicious actions.

Enigma NMS search_pattern SQL Injection

Enigma NMS is vulnerable to SQL injection in the search_pattern parameter of the manage_hosts_short.cgi script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with a malicious payload to the vulnerable script. This payload will cause the server to pause for a specified amount of time, allowing the attacker to enumerate the database.

Recent Exploits: