The BACnet Stack 0.8.6 is vulnerable to a denial of service attack. This vulnerability allows an attacker to crash the BACnet server by sending a specially crafted packet. The vulnerability has been assigned CVE-2019-12480. After reporting the vulnerability to the vendor, a fix has been released in version 0.8.7 of the BACnet Protocol Stack.
The Web Ofisi Rent a Car 3 application is vulnerable to SQL Injection. Multiple parameters in the URL are vulnerable to SQL Injection attacks, including 'kategori[]', 'klima[]', 'vites[]', and 'yakit[]'. An attacker can exploit these vulnerabilities to execute arbitrary SQL commands on the underlying database.
The Web Ofisi Emlak 3 application is vulnerable to SQL Injection. The vulnerability exists in the 'emlak_durumu' parameter of the 'emlak-ara.html' page. An attacker can exploit this vulnerability to execute arbitrary SQL queries, potentially gaining unauthorized access to the database.
The script is a Perl script that can be used to perform unauthenticated remote code execution on a vulnerable website. It uses the LWP::UserAgent module to send HTTP requests and retrieve login and password information from the target website. Given a URL as an argument, the script attempts to retrieve the login and password information from the website's administration panel. If successful, it prints the retrieved information along with the MySQL details.
This exploit takes advantage of a remote buffer overflow vulnerability in the MAPLE Computer WBT SNMP Administrator version 2.0.195.15. It allows an attacker to execute arbitrary code on the target system. The exploit uses an EggHunter technique to locate and execute the payload.
The application suffers from an authenticated stored XSS via POST request. The issue is triggered when input passed via the POST parameter 'subdomain' is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
The RPCSS Activation Kernel RPC server's security callback can be bypassed, resulting in EoP.
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This module is tested against Windows 10 v1703 x86.
The Siebel CRM application allows its users to upload any file type in most of the available file upload functionalities. Later on, the uploaded file can be downloaded by another user with the appropriate privileges as part of the workflow. As such, it was possible to upload a file with the "html" extension (containing HTML and JavaScript code), thereby also allowing a Persistent Cross Site Scripting attack.
SnmpAdm.exe in MAPLE WBT SNMP Administrator v2.0.195.15 has an Unauthenticated Remote Buffer Overflow via a long string to the CE Remote feature listening on Port 987. This will overwrite data on the stack/registers and allow for control of the program's execution flow, resulting in attacker-supplied remote code execution. Authentication is not required for this exploit.