This module exploits a vulnerability in the PHP Laravel Framework, versions 5.5.40 and 5.6.x <= 5.6.29. Remote Command Execution is possible via a correctly formatted HTTP X-XSRF-TOKEN header, due to an insecure unserialize call in the decrypt method in Illuminate/Encryption/Encrypter.php. Authentication is not required; however, exploitation requires knowledge of the Laravel APP_KEY. Similar vulnerabilities appear to exist within Laravel cookie tokens based on the code fix. In some cases the APP_KEY is leaked, which allows for discovery and exploitation.
The CWP Control Web Panel versions 0.9.8.836 to 0.9.8.839 are vulnerable to root privilege escalation. The vulnerability occurs due to the session file being stored in the /tmp directory and the rkey value in the session file not changing when accessed by the same source IP address.
This exploit allows an attacker to bypass DEP/ASLR protections in R 3.4.4 on Windows 10 x64. By pasting a payload into the 'Language for menus...' field in GUI Preferences, the attacker can execute arbitrary code.
This exploit allows an attacker to include arbitrary local files on the server by modifying the 'include_form' parameter in a POST request. By manipulating the 'form_include' parameter, an attacker can traverse directories and access sensitive files on the server, such as /etc/passwd.
This exploit allows for remote file inclusion and permanent cross-site scripting. The vulnerability can be exploited through the sitemap.xml.php and errors.php pages. The permanent XSS can be executed through the input fields gb_mail, gb_name, and textarea gb_text on the index.php?guestbook=v page. Additionally, there is a CSRF exploit for changing passwords on the index.php?admin=changepass page.
Buffer Overflow vulnerability in StreamRipper32 version 2.6 allows remote attackers to execute arbitrary code via a crafted Song Pattern input.
The script is vulnerable to both XSS and Blind SQL Injection attacks. The 'nav_ID' parameter is not properly sanitized and can be used for Blind SQL Injection attacks. The 'handler' parameter and 'topic' parameter are not properly sanitized and can be used for XSS attacks.
The Lotfian.com travel site is vulnerable to SQL injection attacks through the NewsDetails.asp, Destination.asp, and RegionDetails.asp pages. An attacker can modify the SQL queries in the URL parameters to execute arbitrary SQL statements, potentially leading to unauthorized access, data manipulation, or data leakage.
The EmuLive Server4 Commerce Edition Build 7560 is vulnerable to a remote crash when it receives a malformed request on TCP port 66. The crash is severe and causes the machine running the server to crash hard.
The AFDKO font handling library in Adobe Font Development Kit for OpenType (AFDKO) is susceptible to memory corruption issues, such as buffer overflows, due to the lack of sanity checks on input data. This vulnerability can be exploited if the input file does not conform to the format specification. Starting with Windows 10 1709, Microsoft's DirectWrite library includes parts of AFDKO, specifically the modules for reading and writing OpenType/CFF fonts. This code is used for instancing variable fonts, which involves building a single instance of a variable font with specific attributes. The vulnerable code can be reached through the Direct2D printing interface.