UltimatePOS 2.5 allows users to upload arbitrary files which leads to a remote command execution on the remote server. The attacker can create a file with a malicious PHP code and upload it as a jpg file. The attacker can then edit the filename from filename.jpg to filename.php and then access the file using the URL http://domain/storage/img/1533988576_cmd.php?cmd=id. This will allow the attacker to execute arbitrary commands on the remote server.
Due to improper session management low privilege users are able to create administrator accounts through a crafted POST request.
An attacker can exploit a directory traversal vulnerability in PCViewer vt1000 to gain access to sensitive files on the target system. By sending a specially crafted GET request, an attacker can traverse the directory structure and access files outside of the web root directory.
Run the python exploit script, it will create a new file with the name 'exploit.txt' just copy the text inside 'exploit.txt' and start the CuteFTP program. In the new window click 'File' > 'Connect' > 'Connect To URL'. Now Paste the content of 'exploit.txt' into the field: 'Connect To URL'. Click 'OK' and you will see a crash.
Run the python exploit script, it will create a new file with the name 'exploit.txt' just copy the text inside 'exploit.txt' and start the program. In the new window click 'Help' >'Enter Registration Code...'. Now in the new window paste the content of 'exploit.txt' into the field:'Registration Name' and add the following into the 'Registration Code' field:'1234567891011121'. Click 'OK' and you will see a crash.
A few critical and trivial remote code execution bugs were found in ImageMagick, Evince, GIMP, and other PDF/PS tools. These bugs include file disclosure, shell command execution, memory corruption and type confusion. One of the bugs was found to be exploited in the wild. It was suggested to disable PS, EPS, PDF and XPS coders in policy.xml by default.
Geutebrueck re_porter 16 is vulnerable to Cross-Site Scripting (XSS) attacks. An attacker can inject malicious JavaScript code into the vulnerable parameters of the application. This code will be executed in the browser of the victim when the malicious URL is visited.
A buffer overflow vulnerability exists in Easyboot 6.6.0, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a boundary error when handling specially crafted files. This can be exploited to cause a stack-based buffer overflow via an overly long file name. Successful exploitation of this vulnerability may allow an attacker to cause a DoS.
An unauthenticated attacker can send a specially crafted HTTP request to the vulnerable server to disclose credentials stored in the gscsetup.xml file.
UltraISO is vulnerable to a Denial of Service attack when a maliciously crafted file is opened. An attacker can exploit this vulnerability by creating a file with a large number of 'A' characters and then opening it in UltraISO. This will cause the application to crash.
Services By CQR