Explore all Exploits:

PDF Signer v3.0 – SSTI to RCE via CSRF Cookie

Signer v3.0 is vulnerable to Server-Side Template Injection leading to Remote Command Execution due to improper cookie handling and an improper CSRF implementation. An attacker can craft a malicious cookie and send it to the server, where its contents are then executed as a command.

Smart VPN 1.1.3.0 – Denial of Service (PoC)

A buffer overflow vulnerability exists in Smart VPN 1.1.3.0, which can be exploited by a malicious user to cause a denial of service. The vulnerability is caused by a boundary error when handling user-supplied input: sending a specially crafted payload of 2100 bytes to the top right search bar causes a stack-based buffer overflow. This can allow an attacker to crash the application.

Teameyo – Project Management System 1.0 – SQL Injection

Teameyo Project Management System version 1.0 is vulnerable to SQL Injection. An attacker can send a malicious SQL query to the web application, which can be used to extract sensitive information from the database. This can be exploited by sending a specially crafted HTTP request to the vulnerable application. The vulnerable parameter is 'project_id', which can be found in the URL of the application.

Cisco Firepower Management Center Cross-Site Scripting (XSS) Vulnerability

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

Easy Video to iPod Converter – Local Buffer Overflow (SEH)

Easy Video to iPod Converter is vulnerable to a local buffer overflow. By entering a specially crafted payload into the 'Enter User Name' field, an attacker can execute arbitrary code on the vulnerable system. The payload consists of 996 A's, followed by a jump instruction, a pop pop ret address, 20 NOPs, and shellcode.

Access Manager Unauthenticated Insecure Direct Object Reference (IDOR)

An unauthenticated Insecure Direct Object Reference (IDOR) vulnerability in LogonBox Limited's (formerly Nervepoint Technologies) Access Manager web application allows a remote attacker to enumerate internal Active Directory usernames. Depending on the configuration of the system, it may also allow enumeration of Active Directory group names and alteration of back-end server jobs (backup and synchronization jobs). This is done by manipulating the jobId HTTP parameter in an HTTP GET request.
