An information disclosure vulnerability exists in SAP Crystal Reports for Visual Studio, Version - 2010, which could allow an attacker to intercept the 'Export' report http request, copy the '__CRYSTALSTATE' + <crystal report user control> Viewer name parameter value, decode the base64 value and gain access to database information such as name, credentials, Internal Path disclosure and some debugging information.
ZoneMinder 1.32.3 contains a stored cross site scripting vulnerability in the 'Filters' page. The 'Name' field used to create a new filter is not being properly sanitized. This allows an authenticated user to inject arbitrary javascript code, which will later be executed once a user returns to the Filters page.
CyberPower PowerPanel Business Edition 3.4.0 contains a stored cross site scripting vulnerability. The fields used to configure SNMP trap receivers are not being properly sanitized. This allows an authenticated user to inject arbitrary javascript code, which will later be executed once a user returns to the Event Action / Recipient page.
Varient 1.6.1 is vulnerable to SQL Injection. An attacker can inject malicious SQL queries via the 'user_id' parameter in the POST request. The attack pattern is '%27)/**/oR/**/3211170=3211170/**/aNd/**/(%276199%27)=(%276199'
Ciuis CRM version 1.6 is vulnerable to SQL injection in the 'eventType' parameter. An attacker can exploit this vulnerability to gain access to the database and execute arbitrary SQL commands.
Worksuite is a project management software written in Laravel 5.4 (PHP Framework) which is specifically developed for freelancers and SMEs (Small/Medium sized enterprises). An attacker can exploit a SQL injection vulnerability in the 'password' parameter of the login page to execute arbitrary SQL commands. The attack pattern used is '%27 RLIKE (case when 5021001=5021001 then 0x454d49524f474c55 else 0x28 end) and '7917'='7917' and the POST method used is http://localhost/worksuite24/public/login^_token=1knO8SR8Erjg56Mza4VaEv1Mb9lj5HiJBPmbTnFx&password=3115065[SQLINJECT HERE]
LibreNMS is an open source network monitoring system. A vulnerability in LibreNMS v1.46 allows an authenticated user to execute arbitrary code on the server. This is due to the lack of input validation in the 'community' parameter of the 'addhost' page. An attacker can craft a malicious payload and inject it into the 'community' parameter to execute arbitrary code on the server.
When v4 is created, it will have inferred types for its elements, indicating that they will be JSObjects. In the block following the function definition, v4's prototype is changed to a new object with a double as element 0. This does not change the inferred element types of v4, presumably because these only track own properties/elements and not from prototypes. v7 is executed a few times, and eventually v4.pop() will return the double from the prototype, which is then dereferenced as a pointer.
Weak security measures like bad input field data filtering has been discovered in the «Live Chat Unlimited». Current version of this premium WordPress plugin is 2.8.3. Go to the demo website https://site.com/try/lcx/night-bird/ and open chat window by clicking on «Open/close» link, then click on «Online mode» to go online. Use your payload inside input field and press [Enter]. Provided exaple payloads working on the admin area, so it's possible to steal admin cookies or force a redirect to any other website.
Weak security measures like bad textarea data filtering has been discovered in the «iLive - Intelligent WordPress Live Chat Support Plugin». Current version of this premium WordPress plugin is 1.0.4. An attacker can use their payload inside an input field and press [Enter] to exploit the vulnerability. This can be used to steal admin cookies or force a redirect to any other website.
Services By CQR