The MRF Web Panel (SWMS) is vulnerable to OS Command Injection attacks. The vulnerability allows an attacker to inject arbitrary OS commands and retrieve the output in the application's responses.
SQL Injection in search parameter 'query' and XSS issue in desc and title ppost parameters
The mach_voucher_extract_attr_recipe_trap function in the Mach kernel in Apple iOS before 9.3.2 allows attackers to gain privileges or cause a denial of service (memory corruption) via a crafted app.
The QuickTicket v1.2 application is vulnerable to Local File Inclusion. This allows an attacker to include arbitrary files from the local file system, which can lead to remote code execution or unauthorized access to sensitive information.
A type-confusion vulnerability was discovered in GMP deserialization with crafted object's __wakeup() magic method that can be abused for updating any already assigned properties of any already created objects, this result in serious security issues.
The QuickTalk forum v1.3 is vulnerable to local file inclusion. An attacker can exploit this vulnerability by injecting a malicious string into the 'lang' parameter, which is then used to include a file from the server.
The Cisco WebEx extension allows arbitrary code execution due to a flaw in the way it handles URLs containing a specific pattern. The extension uses nativeMessaging and can execute arbitrary code when a website requests the extension to open a port for communication. The extension uses CustomEvent() objects to pass JSON messages between the webpage, the extension, and the native code.
This module exploits a stack-based buffer overflow vulnerability in the web interface of DiskSavvy Enterprise v9.1.14 and v9.3.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This module has been tested successfully on Windows XP SP3 and Windows 7 SP1.
By omitting or supplying arbitrary CSRF tokens, remote attackers can bypass CSRF protection in the ntopng web interface, allowing them to make HTTP requests on an authenticated user's behalf.
This vulnerability allows an attacker to display every user:hash in the database.