A persistent Cross Site Scripting vulnerability exists in userSpice version 4.3 and below. An attacker can exploit this vulnerability by logging in with a regular user, navigating to the public profile, editing the bio and entering a XSS payload. Once anyone visits the Bio page, the payload will execute.
The vulnerability allows an attacker to inject sql commands. The 'username' field is vulnerable in this script ('access_login' parameter). First inject payload into this parameter. then put anything in password and click login. You will have XPATH syntax error in the next page that contains user and db_name. You can find all tables and any information from database by using XPATH query. You can use extractvalue() or updatexml() for generating error.
With this exploit,attacker can bypass admin login authentication.
An integer overflow vulnerability in the objdump utility of GNU Binutils 2.29.1 and earlier allows attackers to cause a denial of service (application crash) via a crafted ELF file, related to print_symbol.c and elfcode.h.
CSRF issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution. Remote attackers can potentially execute arbitrary System Commands due to a Cross Site Request Forgery, if an authenticated NAT32 user clicks a malicious link or visits an attacker controlled webpage as NAT32 performs no check for blind requests.
An attacker can exploit this vulnerability by inserting a malicious payload in the search parameter of the script. This will result in an error based SQL Injection.
The application allows malcious HTTP requests to be directly executed without any hidden security token.This may lead to user account takeover or malious command execution
The application allows illegitimate host header manipulation and leads to aribtary web page re-direction. This can also lead to severe attacks such as password reset or web cache poisoning. A attacker can perform application modification to perform advanced attacks as as password reset/ cache poisoning etc.
This module attempts to gain root privileges on Juju agent systems running the juju-run agent utility. Juju agent systems running agent tools prior to version 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3, provide a UNIX domain socket to manage software ('units') without setting appropriate permissions, allowing unprivileged local users to execute arbitrary commands as root. This module has been tested successfully with Juju agent tools versions 1.18.4, 1.25.5 and 1.25.9 on Ubuntu 14.04.1 LTS x86 deployed by Juju 1.18.1-trusty-amd64 and 1.25.6-trusty-amd64 on Ubuntu 14.04.1 LTS x86_64.
LibreOffice supports COM.MICROSOFT.WEBSERVICE function which is required to obtain data by URL. This function can be used to read files and send files with keys, passwords and anything else. It affects LibreOffice prior to 5.4.5/6.0.1 in all operation systems (GNU/Linux, MS Windows, macOS etc.) and may be embedded in almost all formats supporting by LO.
Services By CQR