While fuzzing gattlib using clang 6.0 with ASAN, a stack-based buffer overflow was observed.
The vulnerability allows remote attackers to include arbitrary files via a URL in the 'example' parameter.
This exploit allows an attacker to upload arbitrary files to any location on the server via directory traversal. The vulnerability exists in the save_zoho.php file, specifically in the handling of the 'format' and 'name' parameters. If the 'ajxp_action' parameter is not set, the exploit uploads the 'content' file to the specified location. If the 'ajxp_action' parameter is set to 'get_file', the exploit reads the file from the specified location and then deletes it. The exploit takes advantage of the lack of sanitization of the 'format' and 'name' parameters.
Joomla Core - Stored XSS issue in the Global Configuration Text Filter settings. Joomla fails to perform adequate checks on the Global Configuration Text Filter settings, which allows stored XSS.
The vulnerability allows an attacker to inject SQL code into the "sbcat_id" parameter of the "searchresult.php" script in the Links Directory Script. By exploiting this vulnerability, an attacker can retrieve the admin username and password from the database.
We have nicknamed this "SSHtranger Things" because the bug is so old it could be exploited by an 8-bit Demogorgon. Tested on Python 3.6.7; requires the `paramiko` package.
The phpTransformer 2016.9 software is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending a crafted request to the GeneratePDF.php file, specifically the idnews parameter. This allows the attacker to execute arbitrary SQL queries and potentially gain unauthorized access to the database.
The Softbiz Banner Exchange Network Script ver 1 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by injecting malicious SQL code in the 'id' parameter of the 'campaign_stats.php' page. By doing so, the attacker can bypass authentication and retrieve sensitive information such as the admin username and password.
The WinRT RestrictedErrorInfo doesn’t correctly check the validity of a handle to a section object, which results in closing an unrelated handle and can lead to EoP.
Exploits CVE-2018-9206 to install a webshell.