Exploiting TP-Link Archer CR-700 Router. On a Linux machine, the user can comment out the line 'send host-name = gethostname();' and change the gethostname() function to an XSS script like '<script>alert(5)</script>'. Then, the user can send a DHCP request to the router to receive an IP address with the command 'dhclient -v -i wlan0'. On logging in, the XSS script executes. Additionally, the router does not have a CSRF token, so the cookie set by the router can be stolen using an XSS script.
ProjectSend is a self-hosted PHP based file-transfer platform. Several serious vulnerabilities have been discovered so far. Here are some further persistent and non-persistent XSS vulnerabilities which affect ProjectSend. Non-persistent XSS can be exploited by sending a malicious payload in the searchbox on my_files/index.php and as admin in searchboxes on 'Manage Clients', 'Clients groups' and 'System Users'.
User can execute arbitrary JavaScript code within the vulnerable application. The vulnerability exists due to failure in the "/comment.php" script to properly sanitize user-supplied input in "txtGuestURL" variable. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data.
Remote attackers can inject arbitrary web script or HTML code via f and fp variables by using the URL http://localhost/?p=foo/bar/ph33r.git;a=blobdiff;f=[XSS];fp=[XSS], where [XSS] is the malicious code.
Link Protect 1.2 is vulnerable to Cross-Site Scripting (XSS) attacks. An attacker can inject malicious JavaScript code into the 'description', 'name', 'email' or 'link' fields of the 'linkcheck.php', 'contact_us.php' and 'signup.php' pages. This malicious code will be executed in the browser of the victim when they visit the vulnerable page.
The follow xss is located in the section of comments of the CMS skeletonz. Xss Exploit field Name: <script>alert('xss');</script>field Comment: <script>alert('xss');</script>
AbleDating script is vulnerable to Cross-Site Scripting (XSS) attacks. An attacker can inject malicious JavaScript code into the vulnerable parameters of the application. The malicious code can be injected into the 'title' or 'description' of a post in the forum, or into the 'date' parameter of the 'events_event_edit.php' page. The malicious code will be executed in the browser of the victim when they visit the affected page.
The component allows you to create and submit tickets. The tickets can be viewed on the website and in the admin panel. It is possible to inject arbitrary HTML and JS/VBS code into the title field of the ticket. If someone else views the ticket list, the code gets executed in the visitor's browser. This vulnerability is considered as critical since the tickets are also displayed in the administrator backend of Joomla. As soon as a user with extended priviledges views the ticket list in the admin backend, the code gets executed and damage can be caused.
A vulnerability in the HTML table tag with the style attribute set to position:absolute;clip:rect(0) allows an attacker to inject malicious JavaScript code into a web page. The code is executed when the page is rendered in the browser. This vulnerability affects all versions of Internet Explorer prior to version 8.0. The vulnerability can be exploited by an attacker to gain access to sensitive information or to execute malicious code on the user's system.
If 'install.php' was not removed after installation, an attacker can create an HTML file with a form containing a text input and a submit button. The form action should be set to the path of the 'install.php' file on the victim server. After opening the HTML file, the attacker can enter any step of the installation they would like to access. Step '3' contains the most sensitive information.
Services By CQR