Chakra, the JavaScript engine in Microsoft Edge, is affected by an out-of-bounds read. The issue occurs when a variable is initialized with a double constant, but the double constant table fails to find the int value. This leads to an out-of-bounds read, which can be exploited to gain access to sensitive information.
This vulnerability occurs when optimizations for memory operations leave empty loops which can break the control flow. This can be exploited by an attacker to cause unexpected behavior in the program. In the PoC, the empty loop is removed without considering branches, which causes the program to print out 1234 instead of 0.
A vulnerability exists in the JavascriptMath::MaxInAnArray optimization method, which takes the original method 'Math.max' as the first parameter and the arguments object as the second parameter. If the arguments object can't be handled by the method, it explicitly calls the original method 'Math.max'. However, it doesn't check whether the property 'Math.max' has changed, so a user-defined JavaScript function can be called without updating 'ImplicitCallFlags'.
Any registered user can delete topics and comments in the forum without having admin access. Save the code below as an HTML file and use it once the victim is logged into their account. <form method="post" action="https://www.site.com/forum/vanilla/discussion/dismissannouncement?discussionid=3709"><input name=" DeliveryType" value="VIEW" class="input" type="hidden"><input name=" DeliveryMethod" value="JSON" class="input" type="hidden"> <li><label><br></label><input value="Send" class="submit" type="submit"></li> </ul></form>
The vulnerability allows remote attackers to inject their own malicious script code on the application side of the vulnerable module. The persistent input validation vulnerability is located in the `name` value of the `/cgi-bin/login.cgi` POST method request. Remote attackers are able to inject their own malicious script code into the vulnerable `name` value of the `/cgi-bin/login.cgi` POST method request. The injected script code executes in the main page of the web application after successful login. The request method to inject is POST and the attack vector is located on the application side.
Weblogic wls-wsat Component Deserialization RCE is a vulnerability in Oracle WebLogic Server that allows an unauthenticated attacker to send a malicious XML request to the WebLogic Server and execute arbitrary code on the server.
A directory or path traversal web vulnerability has been discovered in the official Photos in Wifi v1.0.1 iOS mobile web-application. The vulnerability allows remote attackers to access or include external files from the local or external system or server. The vulnerability is located in the `file` value of the `/upload` POST method request. Remote attackers are able to inject their own malicious script code into the vulnerable file upload request method to compromise the web-application or connected system.
An information exposure vulnerability in forget_passwd.cgi in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to enumerate valid usernames via unspecified vectors. This can be done by sending a request to the forget_passwd.cgi page with a username as a parameter.
The Control Protocol of DiskBoss Enterprise Server 8.5.12 suffers from a denial of service. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 8094.
The Control Protocol of Sync Breeze Enterprise Server v10.1.16 suffers from a denial of service. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9121.