A remote SQL injection vulnerability has been discovered in the official CentOS Web Panel v0.9.8.12 web application. The vulnerability allows remote attackers to inject their own malicious SQL commands to compromise the connected web server or DBMS. The SQL injection vulnerability is located in the `row_id` and `domain` values of the `Add a domain` module. Remote attackers are able to inject their own malicious SQL commands to compromise the web application or the connected DBMS.
NCH Software MixPad is affected by a buffer overflow vulnerability that is triggered when a specially crafted file is opened. This can be exploited to execute arbitrary code by corrupting memory. The vulnerability is caused by a boundary error when processing a specially crafted file. This can be exploited to cause a stack-based buffer overflow by writing past the end of an allocated fixed-length buffer.
In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, and OTRS 4.0.x up to and including 4.0.26, an attacker who is logged into OTRS as an agent can manipulate form parameters (related to PGP) and execute arbitrary shell commands with the permissions of the OTRS or web server user.
A denial of service vulnerability exists in phpFreeChat 1.7 and earlier. An attacker can send a specially crafted request to the vulnerable server to cause a denial of service. The vulnerability is caused by an error in the handling of the 'cmd' parameter in the 'handleRequest' function in 'index.php', which can be exploited to cause a denial of service.
Multiple persistent validation web vulnerabilities have been discovered in the official CentOS Web Panel v0.9.8.12. The vulnerabilities allow remote attackers to inject their own malicious script code into the application side of the affected vulnerable modules. The vulnerabilities are located in the `id` and `email_address` values of the `/admin/index.php` and `/admin/edit_user.php` modules. Remote attackers are able to inject their own malicious script code into the application side of the vulnerable modules.
The vulnerability allows remote attackers to inject their own malicious script code on the application side of the vulnerable Shopware 5.2.5 & 5.3 CMS. The persistent cross-site scripting vulnerability is located in the `name` and `description` values of the `s_articles_attributes` table. Remote attackers are able to inject their own malicious script code into the vulnerable `name` and `description` values of the `s_articles_attributes` table. The request method to inject is POST and the attack vector is located on the application side. The persistent vulnerability is also located in the `name` and `description` values of the `s_articles_attributes_options` table. The security risk of the persistent cross-site scripting web vulnerability is estimated as medium, with a CVSS (Common Vulnerability Scoring System) score of 4.4. Exploitation of the persistent cross-site scripting web vulnerability requires no privileged web-application user account and low user interaction. Successful exploitation of the vulnerability results in session hijacking, persistent phishing attacks, persistent external redirects and persistent manipulation of affected or connected module context.
Attackers can place malicious files outside the intended target directories if a user is tricked into importing corrupt .WAR or .EAR archives. Later, attackers can potentially request these scripts/files to execute system commands on the affected target.
This exploit allows an attacker to upload arbitrary files to a vulnerable DarkComet server. The vulnerability exists in the way the server handles file uploads. The attacker can use the ‘FILETRANSFER’ command to upload a malicious file to the server, which can then be executed remotely. The exploit is written in Python and uses the Crypto.Cipher library to encrypt and decrypt data sent to and from the server.
The D-Link DNS-325 ShareCenter is affected by an unrestricted file upload vulnerability caused by the misuse and misunderstanding of the PHP gethostbyaddr() function. This vulnerability allows an attacker to upload malicious files to the server, which can then be used to execute arbitrary code.
A command injection vulnerability exists in the D-Link DNS-343 ShareCenter <= 1.05. The vulnerability exists due to insufficient sanitization of user-supplied input passed via the "mail_server" parameter to the "/maintenance/test_mail.asp" script. An attacker can exploit this vulnerability to execute arbitrary commands with root privileges.