An authentication bypass vulnerability on D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router potentially allows attackers to bypass SharePort Web Access Portal by directly accessing authenticated pages such as /category_view.php or /folder_view.php. This could potentially allow unauthorized remote access of media stored in SharePort and may perform write operation in the portal.
Once modified, systems use foreign DNS servers, which are usually set up by cybercriminals. Users with vulnerable systems or devices who try to access certain sites are instead redirected to possibly malicious sites. Modifying systems' DNS settings allows cybercriminals to perform malicious activities like steering unknowing users to bad sites, replacing ads on legitimate sites, controlling and redirecting network traffic, and pushing additional malware.
Systematic's SitAware does not validate input from other sources suffenciently. Incoming information utilizing the for example the NVG interface. The following PoC will freeze the Situational Layer of SitAware, which means that the Situational Picture is no more updated. Unfortunately the user can not notice until he tries to work with the situational layer.
If an Admin has not removed the /install/ directory as advised from an osCommerce installation, it is possible for an unauthenticated attacker to reinstall the page. The installation of osCommerce does not check if the page is already installed and does not attempt to do any authentication. It is possible for an attacker to directly execute the "install_4.php" script, which will create the config file for the installation. It is possible to inject PHP code into the config file and then simply executing the code by opening it.
Once modified, systems use foreign DNS servers, which are usually set up by cybercriminals. Users with vulnerable systems or devices who try to access certain sites are instead redirected to possibly malicious sites. Modifying systems' DNS settings allows cybercriminals to perform malicious activities like steering unknowing users to bad sites, replacing ads on legitimate sites, controlling and redirecting network traffic, and pushing additional malware.
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in the Acyba AcySMS extension before 3.5.1 for Joomla! via a value that is mishandled in a CSV export. Login as low privileged user who is having access to AcySMS Component. Rename user name as @SUM(1+1)*cmd|' /C calc'!A0. When high privileged user logged in and exported user data then the CSV Formula gets executed and calculator will get popped in his machine.
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in the Acyba AcyMailing extension before 5.9.6 for Joomla! via a value that is mishandled in a CSV export. Login as low privileged user who is having access to Acymailing Component. Rename user name as @SUM(1+1)*cmd|' /C calc'!A0. When high privileged user logged in and exported user data then the CSV Formula gets executed and calculator will get popped in his machine.
The vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Homematic CCU2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Test.exe component, which listens on TCP port 8181. The issue lies in the handling of a crafted POST request containing a TCL command. An attacker can leverage this vulnerability to execute code under the context of the webserver.
Contact Form 7 to Database Extension is a WordPress plugin with more than 400.000 active installations. Development is discontinued since 1 year. Version 2.10.32 (and possibly previous versions) are affected by a CSV Injection vulnerability. In order to exploit this vulnerability, the attacker needs to insert an Excel formula into any of the contact form fields available. This will end up in the log, and if a WordPress administrator chooses to export this log as Excel/CSV file, the file will contain the formula. If he then opens the file, the formula will be calculated.
Allok AVI DivX MPEG to DVD Converter is vulnerable to a buffer overflow vulnerability when a user pastes a large amount of data into the 'License Name' field. This can be exploited to execute arbitrary code by overwriting the SEH handler with a jmp instruction and a shellcode.
Services By CQR