This module triggers an arbitrary shared library load vulnerability in GoAhead web server versions between 2.5 and that have the CGI module enabled.
This module exploits an Object Injection vulnerability in Kaltura. By exploiting this vulnerability, unauthenticated users can execute arbitrary code under the context of the web server user. Kaltura makes use of a hardcoded cookie secret which allows to sign arbitrary cookie data. After passing this signature check, the base64-decoded data is passed to PHPs unserialize() function which allows for code execution. The constructed object is again based on the SektionEins Zend code execution POP chain PoC. Kaltura versions prior to 13.1.0 are affected by this issue. A valid entry_id (which is required for this exploit) can be obtained from any media resource published on the kaltura installation. This module was tested against Kaltura 13.1.0-2 installed on Ubuntu 14.04.
This exploit allows an attacker to gain remote root access on RAVPower devices. It takes advantage of a vulnerability in the upload functionality of the device's web interface, allowing the attacker to upload a malicious file that will overwrite important system files and create a backdoor. By exploiting this vulnerability, the attacker can gain full control over the device and execute arbitrary commands as root.
The phpRealty 0.02 script is vulnerable to remote file inclusion. The vulnerability exists in the 'index.php', 'p_ins.php', and 'u_ins.php' files in the 'manager/admin' directory. An attacker can exploit this vulnerability by including a malicious script via the 'MGR' parameter in the URL. This can lead to remote code execution and potentially compromise the affected system.
The vulnerability allows an attacker to inject sql commands....
This vulnerability allows an attacker to download any local file from the vulnerable system. The exploit involves sending a specific HTTP request with the file path to the target system, which then responds with the requested file.
There are multiple instances in different files of AuraCMS version 1.5rc where user input variable $id is not properly filtered before being used in SQL queries, allowing attackers to manipulate SQL statements through the browser. This can lead to unauthorized access to the database and potential data leakage.
Attacker can upload any file using the link joomla/index.php?option=com_restaurante&task=upload. After uploading the file, the attacker can find it in /components/com_restaurante/img_original directory. The attacker should add (.) before the filename. Example: if the attacker uploaded a file named shell.php.jpg, its name will be like .shell.php.jpg in the path /components/com_restaurante/img_original/.shell.php.jpg.
The vulnerability allows an attacker to include files from the local file system.
There is a file include vulnerability in php-calendar, which allows an attacker to include arbitrary PHP files and execute system commands with the rights of the web server. This can be very dangerous in certain situations.
Services By CQR