Explore Vulnerabilities

Explore all Exploits:

Reservo Image Hosting Script 1.5 – Cross Site Scripting

With support for automatic thumbnails & image resizing in over 200 image formats, robust privacy options, a secure image manager, external storage, a feature-rich admin area and free migration scripts, Reservo really does tick every box. Reservo Image Hosting is vulnerable to XSS attacks. The affected function is its search engine. Since there is a user/admin login interface, it's possible for attackers to steal the sessions of users, and thus of admin(s). When a user opens an infected URL sent by the attacker, the injected code is executed.

Zomato Clone – Arbitrary File Upload

Testing for malicious files verifies that the application/system is able to correctly protect against attackers uploading malicious files. Vulnerabilities related to the uploading of malicious files are unique in that these “malicious” files can easily be rejected by including business logic that scans files during the upload process and rejects those perceived as malicious. Additionally, this is different from uploading unexpected files in that, while the file type may be accepted, the file may still be malicious to the system.

Transmission BitTorrent Client DNS Rebinding Vulnerability

The Transmission BitTorrent Client uses a client/server architecture: the user interface is the client, and a daemon runs in the background managing the downloading, seeding, etc. Clients interact with the daemon using JSON RPC requests to a web server listening on port 9091. By default, the daemon will only accept requests from localhost. However, an attack called 'DNS rebinding' can be used to bypass this restriction. This attack works by a user visiting a malicious website, which has an iframe to a domain that the attacker controls. The attacker's DNS server responds alternately with 127.0.0.1 and an address they control, with a very low TTL. When the browser resolves the domain to the address they control, they serve HTML that waits for the DNS entry to expire and then sends an XMLHttpRequest to the domain they control, with permission to read and set headers.

SSD Advisory – Seagate Personal Cloud Multiple Vulnerabilities

Seagate Media Server uses the Django web framework and is mapped to the .psp extension. Any URL that ends with .psp is automatically sent to the Seagate Media Server application using the FastCGI protocol. Two views were found to be affected by unauthenticated command injection. The affected views are uploadTelemetry and getLogs. These views take user input from GET parameters and pass it unvalidated/unsanitized to methods of the commands Python module. This allows an attacker to inject arbitrary system commands that will be executed with root privileges.

Synology Photo Station <= 6.8.2-3461 (latest) SYNOPHOTO_Flickr_MultiUpload Race Condition File Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Synology Photo Station. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the SYNOPHOTO_Flickr_MultiUpload function. When parsing the prog_id parameter, the process does not properly validate a user-supplied string before using it to execute a call to file_put_contents. An attacker can leverage this vulnerability to execute code under the context of the PhotoStation user.

Flash Operator Panel v2.31.03 – Command Execution Vulnerability

A command injection web vulnerability has been discovered in the official Flash Operator Panel v2.31.03 web-application. The vulnerability allows remote attackers to execute system-specific commands on the application-side of the vulnerable service. The vulnerability is located in the `name` value of the `adduser` module. Remote attackers are able to inject their own system-specific commands to compromise the web-application or connected service. The request method to inject is POST and the attack vector is located on the application-side.

OBS-Studio-20.1.3 Local Buffer Overflow Zer0Day (SEH Based PoC)

A buffer overflow vulnerability exists in OBS-Studio-20.1.3 when a maliciously crafted input is processed by the application. An attacker can exploit this vulnerability to execute arbitrary code in the context of the application. To exploit this vulnerability, an attacker must first copy a specially crafted string to the clipboard, then create a new profile in the application and paste the string into the input field. This will cause a buffer overflow and allow the attacker to execute arbitrary code.

Adminer <= v4.3.1 Server Side Request Forgery

Adminer is vulnerable to Server Side Request Forgery (SSRF) allowing an attacker to initiate unauthenticated connections to arbitrary systems/ports. This vulnerability can be used to potentially bypass firewalls to identify internal hosts and perform port scanning of other servers for reconnaissance purposes.

RISE Ultimate Project Manager 1.9 – SQL Injection

RISE Ultimate Project Manager version 1.9 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending a malicious payload to the application via the 'search' parameter in the POST request. This payload will cause the application to sleep for 20 seconds, indicating a successful exploitation of the vulnerability.

Recent Exploits: