The Vulnerability Laboratory core research team discovered a remote SQL injection web vulnerability in the Simplephpscripts Simple CMS v2.1 web application.
A directory traversal web vulnerability has been discovered in the official Super Backup v2.0.5 iOS mobile web application. The vulnerability allows remote attackers to change the application path in performed requests to compromise the local application or file system of a mobile device.
A directory traversal web vulnerability has been discovered in the Easy Transfer Wifi Transfer v1.7 iOS mobile application. The vulnerability allows remote attackers to change the application path in performed requests to compromise the local application or file system of a mobile device. For example, attackers are able to request environment variables or a sensitive system path.
Multiple stack buffer overflow vulnerabilities have been discovered in the official Internet Download Manager v6.37.11.1 software. The buffer overflows allow an attacker to overwrite registers of the process to compromise the file system by elevating local process privileges. The first stack buffer overflow is located in the `search` function of the downloads menu. The search function itself does not apply any secure restriction to the requested search variable of the inputs. Local attackers with access to the software are able to overflow the registers to elevate local process privileges. The second stack buffer overflow is located in the `Export/Import` function of the tasks menu. Local users are able to import and export the download tasks as `*.ef2` files. Local attackers are able to import manipulated `*.ef2` files with a manipulated referer and source URL to overwrite the EIP register. The third stack buffer overflow is located in the `Download` function of the tasks menu. Local users are able to download files with a manipulated referer and source URL to overwrite the EIP register. The fourth, fifth, sixth, seventh, eighth, ninth and tenth stack buffer overflows are located in the `Download` function of the tasks menu. Local users are able to download files with a manipulated referer and source URL to overwrite the EIP register.
The Vulnerability Laboratory core research team discovered a directory traversal web vulnerability in the official File Transfer iFamily v2.1 iOS mobile application.
This script uses the symboliclink-testing-tools project, written by James Forshaw. The vulnerability allows an unprivileged local attacker to delete any file on the filesystem, or overwrite it with arbitrary data hosted elsewhere (with limitations). This particular script will attempt to overwrite the file dsa_control.cmd with arbitrary data hosted on an external web server, partly disabling TMDS, even when agent self-protection is turned on. It can also be modified or simplified to just delete the target file, if desired.