The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.
A server-side request forgery (SSRF) vulnerability exists in the VidiU management interface within the RTMP settings and the Wowza server mode functionality. The application parses user-supplied data in the GET parameters 'url' and 'xml_url' to construct a page request that loads the configuration for a specific service. Since no validation is carried out on these parameters, an attacker can specify an external domain and force the application to make an HTTP request to an arbitrary destination host, including XML data parsing of the response (XXE potential). An external attacker can use this, for example, to bypass firewalls and initiate service and network enumeration on the internal network through the affected application.
A Cross-Site Request Forgery (CSRF) vulnerability exists in Siemens SIMATIC S7-1200 CPU family, all versions prior to V4.1.3, which could allow an attacker to send malicious requests to the target system. An attacker can craft a malicious HTML form and submit it to the target system, which will then execute the malicious request without the user's knowledge or consent.
In the Add New Technician(s) section on the /admin/technicians page of the ManageEngine Recovery Manager Plus 5.3 (Build 5330) application, the Login Name parameter is vulnerable to XSS, which allows remote authenticated users to inject script. The parameter values entered are written to the database and affect all users.
After creating an account, a user can navigate to 'Edit profile' and put a malicious payload into the 'Birthday' field. This results in an alert box on the page. Additionally, a Cross-Site Request Forgery attack can be performed by submitting a malicious form to the 'submit_profile.php' page.
Superfood - Restaurants & Online Food Order System 1.0 suffers from multiple vulnerabilities. For persistent cross-site scripting, after creating an account, go to the profile, navigate to 'Update profile' and put in the payload '/><script>alert('xss')</script>. For CSRF, an attacker can change a user's authentication directly. For the admin panel authentication bypass, go to http://restaurant.thesoftking.com/admin and put the payload 'admin'-- in the username field.
The website has filtered all of its inputs for SQL injection, but the user_setting page can still be used to inject SQL code via the POST method. A payload can be placed in the Address field of the profile info page, and it is executed whenever someone visits the profile.