Explore Vulnerabilities

Explore all Exploits:

Maxima Max Pro Power BLE Traffic Replay (Unauthenticated)

An attacker can send crafted hex values to the GATT characteristic handle on the Maxima Max Pro Power watch to perform unauthorized actions such as changing the time display format, updating the time, and sending notifications. Because there is no integrity check, an attacker can sniff values on one smartwatch and replay them on another, leading to unauthorized actions.

Petrol Pump Management Software v.1.0 – Stored Cross Site Scripting via SVG file

An attacker can exploit a Cross Site Scripting vulnerability in Petrol Pump Management Software v.1.0 by injecting malicious code through a crafted payload into the image parameter in the profile.php component. By uploading a specially crafted xss.svg file, the attacker can execute arbitrary code. The content of the xss.svg file includes a script that triggers an alert message.

AC Repair and Services System v1.0 – Multiple SQL Injection

The AC Repair and Services System v1.0 is vulnerable to multiple SQL Injection attacks. An attacker can exploit this by manipulating the input fields to execute arbitrary SQL commands. This can lead to unauthorized access, data leakage, and potential data manipulation.

Juniper SRX Firewalls & EX Switches PreAuth RCE

The vulnerability allows an attacker to execute the phpinfo() function on the login page of the target device, enabling them to inspect the PHP configuration. The exploit also provides an option to save the phpinfo() output to a file for further analysis. This code serves as both a vulnerability detector and a proof of concept for CVE-2023-36845.

RoyalTSX 6.0.1 RTSZ File Handling Heap Memory Corruption PoC

The RoyalTSX application crashes when a specific function is handling the SecureGatewayHost object in the RoyalTSXNativeUI due to a heap memory corruption issue. This occurs when a hostname with an array of approximately 1600 bytes is provided, leading to an instant crash when the 'Test Connection' feature is used.

Electrolink FM/DAB/TV Transmitter Credentials Disclosure

Electrolink FM/DAB/TV Transmitter devices are prone to a credentials disclosure vulnerability. Attackers can exploit this issue to gain unauthorized access to sensitive information, potentially leading to further attacks.

WebCatalog 48.4 – Arbitrary Protocol Execution

WebCatalog version 48.4 and earlier does not properly validate URLs before calling the Electron shell.openExternal function, enabling an attacker to execute code via arbitrary protocols when users interact with malicious URLs. This can lead to the bypassing of security mechanisms for delivering malicious files.

Simple Inventory Management System v1.0 – SQL Injection in 'email'

The Simple Inventory Management System v1.0 is prone to SQL Injection due to user inputs ($_POST['email'] and $_POST['pwd']) being directly used in SQL queries without proper validation, allowing malicious users to manipulate the application. An attacker could inject SQL code through crafted input, potentially leading to unauthorized access.

7 Sticky Notes v1.9 – OS Command Injection

7 Sticky Notes v1.9 is vulnerable to OS command injection. By manipulating the 'Action' field in the 'Alarms' tab, an attacker can execute arbitrary commands on the system. An attacker can set a malicious command as an alarm action, leading to the execution of the command when the alarm triggers.

Windows Defender VBScript Detection Mitigation Bypass for TrojanWin32Powessere.G

Windows Defender normally detects and prevents the execution of TrojanWin32Powessere.G which leverages rundll32.exe. By using a VBScript and ActiveX engine, attackers can bypass the detection. Running a specific command can allow the execution of arbitrary commands from an attacker. This bypass involves adding arbitrary text to a parameter, such as 'shtml' or 'Lol', to evade Windows Defender detection.

Recent Exploits: