A low-privilege user who holds a role with the `edit_user` capability assigned to it can escalate their privileges to those of the admin user by sending specially crafted web requests.
The `location_id` parameter in Shuttle-Booking-Software v1.0 is vulnerable to SQL injection. An attacker can exploit this vulnerability to steal information from the database.
This exploit allows an unauthenticated user to create an admin account in Crypto Currency Tracker (CCT) version 9.5. By sending a POST request to the `/en/user/register` endpoint with the required parameters, the attacker can create a new admin account without proper authentication.
Online ID Generator 1.0 is vulnerable to remote code execution (RCE) through a login-bypass SQL injection vulnerability combined with a shell upload. An attacker can chain these vulnerabilities to execute arbitrary code on the target system.
Webedition CMS v2.9.8.8 is vulnerable to blind Server-Side Request Forgery (SSRF). An attacker can exploit this vulnerability by sending a crafted request to the `rpc.php` file, specifically the `widgetGetRss` function. By manipulating the `we_cmd[0]` parameter, an attacker can make the server send a request to a URL of their choosing, potentially bypassing access controls and retrieving sensitive information.
Under certain conditions, an authenticated privileged user can place a malicious string in the SNMP options of a device, performing command injection and obtaining remote code execution on the underlying server.
This exploit allows an attacker to perform a path traversal attack on MinIO versions before 2022-07-29T19-40-48Z. By manipulating the `updateURL` parameter, an attacker can read sensitive files such as `/etc/passwd`.
The media function suffers from a file upload vulnerability. An attacker can upload and execute PHP files remotely, potentially leading to malicious activity on the server.
The application suffers from an insecure access control flaw that allows an unauthenticated attacker to change account passwords, bypass authentication and gain access to the control panel.
An unauthenticated attacker can retrieve the controller's configuration backup file and extract sensitive information from it, which can allow them to bypass security controls and fully compromise the system.