An XSS issue was discovered in VirtueMart before 3.2.14. All the textareas in the admin area of the plugin can be closed by simply adding </textarea> to the value and saving the product/config. By editing back the product/config, the editor's browser will execute everything after the </textarea>, leading to a possible XSS.
The plugin allows administrators to save notes and display them in a list in the ACP. The CSRF allows an attacker to remotely delete all admin notes.
XATABoost CMS is vulnerable to a Union Based SQL Injection. An attacker can exploit this vulnerability by sending a crafted HTTP request with malicious SQL query to the vulnerable application. This can allow the attacker to gain access to sensitive information from the database.
Anhkgg discovered a buffer overflow vulnerability in 2345NsProtect.sys of 2345 Security Guard 3.7. The vulnerability is triggered when a specially crafted IOCTL 0x8000200D is sent to the driver. This can be exploited to cause a denial of service condition (BSOD) by corrupting kernel memory.
An issue was discovered in WUZHI CMS 4.1.0 (https://github.com/wuzhicms/wuzhicms/issues/131) There is a xss vulnerability that can stealing administrator cookie, fishing attack, etc. via the tag[pinyin] parameter post to the /index.php?m=tags&f=index&v=add&&_su=wuzhicms&_menuid=?&_submenuid=?
An OS command injection vulnerability resulting in code execution as the built-in admin user. A crafted entry can result in the ability to escape from the restricted admin user's menu driven CLI to a full Linux operating system shell in the context of the admin user. The attack vector is the trap destination (hostname/IP) parameter of the test_snmp function.
Cross-site scripting (XSS) vulnerability found in Multiple instances of Open-AudIT Community - 2.2.0 that allows remote attackers to inject arbitrary web script or HTML, as demonstrated in below POC. Login as user who is having access to download scripts, navigate to Discover -> Audit Scripts -> List Scripts -> Download, capture the request using the Burp suit tool and append payload to ‘action’ variable payload: =download"><script>alert(‘XSS’)</script>. Multiple Instances: Discover -> Audit Scripts -> List Scripts -> Download, Admin -> Logs -> View System Logs, Admin -> Logs -> View Access Logs, etc.,
Cross-site scripting (XSS) vulnerability found in Multiple instances of Open-AudIT Professional - 2.1.1 that allows remote attackers to inject arbitrary web script or HTML, as demonstrated in below POC. Login as user who is having Attributes Creation role, navigate to Manage -> Attributes -> Create Attributes, fill the form with XSS payload in ‘Name’ field and submit payload: <script>alert('XSS')</script>. Multiple Instances: Admin -> Logs -> View System Logs, Manage -> Attributes -> Create Attributes, Manage -> Users -> Create Users.
ApMsgFwd.exe belonging to Dell Touchpad, ALPS Touchpad driver, ALPS pointing-device for VAIO, Thinkpad Ultranav Driver ..etc allows the current user to map and write to the 'ApMsgFwd File Mapping Object' section. ApMsgFwd.exe uses the data written to the section as arguments to functions. This causes a denial of service condition when invalid pointers are written to the mapped section.
Adds a new section to user profiles that will display their last posts. Persistent XSS can be achieved by creating a thread with the subject <script>alert('XSS')</script> and visiting the profile to see the alert.
Services By CQR