ZuzMusic 2.1 suffers from a persistent Cross-Site Scripting vulnerability. An attacker can inject malicious JavaScript code into the vulnerable parameters name, subject and message. The injected JavaScript code will be executed when the Administrator open the malicious message.
Listing Hub CMS 1.0 suffers from a SQL Injection vulnerability. An attacker can perform an 'error-based' SQL Injection using the payload '2%27%20AND%20(SELECT%204588%20FROM(SELECT%20COUNT(*),CONCAT(0x3a3a,user(),0x3a3a,database(),0x3a3a,version(),0x3a3a,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.PLUGINS%20GROUP%20BY%20x)a)--%20-' to access the vulnerable path 'https://[PATH]/pages.php?title=privacy-policy&id=2'
Find a Place CMS Directory 1.5 suffers from a SQL Injection vulnerability. An attacker can send a POST request using a payload to the path https://[PATH]/assets/external/data_2.php to perform a 'Generic UNION query' and extract admin credentials.
NetSetMan 4.7.1 is vulnerable to a denial of service attack when a specially crafted string is copied to the clipboard and pasted into the 'Workgroup' field. This causes the application to crash.
MaxxAudio licenses their driver technology to OEMs and is commonly installed on Dell Laptops (and others) as part of other driver installations. MaxxAudio drivers version 1.6.2.0 install with incorrect file permissions. As a result a local attacker can escalate to SYSTEM level privileges. Dell PSIRT has acknowledged the issue and advises updating to a supported driver.
Reliance on untrusted inputs (CWE-807), insufficient data verification and lack of any cryptographic authentication (hmac etc) at IPN callback (ipn_callback() function in Gateway.php at 374 line) allow remote (even unauthorized) attacker to bypass payment process and spoof real order status without actually paying for it.
A heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 while fuzz-testing the processing of TrueType fonts. It manifests itself in the form of a crash and under gdb, it was found that the OpenTypeLayoutEngine::adjustGlyphPositions function attempts to access an invalid memory region.
Sign in to admin panel. then go to the inventory tab. Switch to the products tab and create a new product. In product image, click the browse button and select a file. When you save the product, the script is loaded with the error file to the server. for example service unvailable. path to the file we uploaded http://localhost/[PATH]/runtime/ProductModel/[FILE]
This exploit allows an unprivileged user to gain admin privileges in M/Monit version 2.0.151021. The exploit uses a POST request to the '/admin/users/update' endpoint with a specially crafted payload. The payload includes the username and password of the unprivileged user, as well as a specially crafted 'oldpassword' parameter. If the request is successful, the unprivileged user will be granted admin privileges.
NBMonitor 1.6.5 is vulnerable to a denial of service attack when a maliciously crafted input is sent to the 'Key' field. An attacker can exploit this vulnerability by running the python script 'NBMonitor.py', which will create a new file 'PoC.txt'. The attacker can then copy the text from the generated PoC.txt file to clipboard, open NBMonitor.exe, go to Register > Enter Registration Code, write anything in 'Name' field, paste clipboard in 'Key' field and click on button -> Ok, which will cause the application to crash.
Services By CQR