The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.
The HP Info Center software, which is shipped with HP laptops, contains a critical flaw in one of its ActiveX controls. This flaw allows an attacker to execute remote code, gain remote system registry access, and execute remote shell commands. The attacker can use various attack vectors such as remote automated download and execute, remote registry access and modification, and system disk data manipulation. The attack begins by tricking the victim into opening a malicious website, which then triggers the attack automatically without any further interaction.
This is a buffer overflow exploit in GDI+ that allows for the execution of arbitrary code. The exploit launches a local cmd.exe without being bound to the network. The shellcode used is provided in the code. The exploit has been tested on an unpatched Windows XP SP1 system.
This module can be used to leverage the extension functionality added by Redis 4.x and 5.x to execute arbitrary code. To transmit the given extension, it makes use of the Redis feature called replication between master and slave.
The provided JavaScript program crashes the JavaScriptCore engine when executed. The crash occurs due to a memory corruption vulnerability that triggers when the 'length' property of the 'arguments' object is accessed after a StructureCheck. This vulnerability allows an attacker to execute arbitrary code or cause a denial of service by crashing the engine.
The exploit allows an attacker to include local files on the server by manipulating the template parameter in the URL. The vulnerability can be exploited if the magic_quotes_gpc setting is turned off.
There exists a command injection vulnerability in the WordPress plugin `wp-database-backup` for versions < 5.2. For the backup functionality, the plugin generates a `mysqldump` command to execute. The user can choose specific tables to exclude from the backup by setting the `wp_db_exclude_table` parameter in a POST request to the `wp-database-backup` page. The names of the excluded tables are included in the `mysqldump` command unsanitized. Arbitrary commands injected through the `wp_db_exclude_table` parameter are executed each time the functionality for creating a new database backup is run. Authentication is required to successfully exploit this vulnerability.
This module exploits inadequate access controls within the webUI to enable the SSH service and change the root password. It has been tested successfully on various versions of the NET55XX Encoder.
The Real Estate 7 premium WordPress theme is vulnerable to persistent XSS injection that allows an attacker to inject JavaScript or HTML code into the website front-end. The attacker can steal admin or moderator cookies and edit existing listings on the website by changing the unique ID.
This exploit allows an attacker to perform unauthorized actions on behalf of a user by tricking them into submitting a malicious form. In this case, the exploit targets the WordPress Simple Membership plugin, allowing the attacker to change a user's membership level.