The vulnerability in Real Estate Management System v1.0 allows an attacker to execute command injection payloads and upload malicious files to the web server.
A Cross Site Scripting vulnerability was found in Petrol Pump Management Software v1.0. By injecting a malicious payload into the 'Address' parameter in the add_invoices.php component, an attacker can execute arbitrary code. This vulnerability could be exploited to perform various malicious actions.
The Neon Text plugin for WordPress version 1.1 and below is prone to Stored Cross-Site Scripting (XSS) vulnerability through the neontext_box shortcode.
The R Radio FM Transmitter 1.07 system.cgi endpoint has an improper access control vulnerability that allows unauthenticated users to access and reveal the clear-text password of the admin user. This disclosure enables attackers to bypass authentication and gain unauthorized access to the FM station setup.
The GL.iNet firmware version 4.3.7 is vulnerable to remote code execution via the OpenVPN client. An attacker can exploit this vulnerability to execute arbitrary code on the target system. This vulnerability has been assigned the CVE-2023-46454.
The vulnerability in Real Estate Management System v1.0 allows an attacker to execute command injection payloads and upload malicious files to the web server.
A Cross Site Scripting vulnerability was found in Petrol Pump Management Software v1.0. By injecting a malicious payload into the 'Address' parameter in the add_invoices.php component, an attacker can execute arbitrary code. This vulnerability could be exploited to perform various malicious actions.
The Neon Text plugin for WordPress version 1.1 and below is prone to Stored Cross-Site Scripting (XSS) vulnerability through the neontext_box shortcode.
The R Radio FM Transmitter 1.07 system.cgi endpoint has an improper access control vulnerability that allows unauthenticated users to access and reveal the clear-text password of the admin user. This disclosure enables attackers to bypass authentication and gain unauthorized access to the FM station setup.
The exploit allows an attacker to include files from the local file system on the Boss Mini 1.4.0 application. By exploiting this vulnerability, an attacker can potentially access sensitive files and data stored on the server. This vulnerability has been assigned CVE-2023-3643.
Services By CQR