The Vortex Portal 1.0.42 script is vulnerable to Remote File Inclusion (RFI) when register_globals is turned ON. The vulnerability can be exploited by an attacker to include and execute arbitrary remote files.
This proof-of-concept crashes the Chrome renderer process using Tencent Blade Team's Magellan SQLite3 bug. It's based on a SQLite test case from the commit that fixed the bug.
scWiki 1.0 Beta 2 is vulnerable to remote file inclusion in the 'common.php' file. An attacker can exploit this vulnerability by manipulating the 'pathdot' parameter of 'common.php', allowing them to include arbitrary remote files. This can lead to remote code execution or unauthorized access to sensitive information.
Quick and Dirty Blog version 0.4 is vulnerable to Local File Inclusion. By manipulating the 'theme' parameter in the 'categories.php' file, an attacker can include arbitrary files from the server. An attacker can exploit this vulnerability to read sensitive files like '/etc/passwd'.
The vulnerability exists in the MsiAdvertiseProduct function, where an arbitrary file can be copied to a specific directory, resulting in an arbitrary file read vulnerability. By providing a controlled file as the first parameter, the function can be tricked into copying any file as SYSTEM, making the destination file readable. This can lead to the disclosure of sensitive information.
The Erlang port mapper daemon is used to coordinate distributed Erlang instances. Should an attacker get the authentication cookie, RCE is trivial. Usually, this cookie is named ".erlang.cookie" and its location varies.
This exploit allows an attacker to execute arbitrary code by creating a specially crafted '.m3u' file and loading it into XMPlay. The exploit takes advantage of a vulnerability in XMPlay version 3.8.3, allowing the attacker to search through memory for a payload and eventually launch calc.exe.
The vulnerability allows an attacker to include a remote or local file in the application's code, which can result in arbitrary code execution or information disclosure.
Bolt CMS <3.6.2 allows XSS via text input when the preview button is clicked, as demonstrated by the Title field of a Configured and New Entry.
This module exploits a file upload vulnerability in Rukovoditel PM/CRM version 2.3.1. The application allows the user to upload a background image and does not check the file extension properly. The application accepts the upload if a 'gif' file header is added at the start of our payload file. However, many file types are not permitted to execute, because '.htaccess' blocks them. It has a file extension check as follows: <FilesMatch '.(php([0-9]|s)?|s?p?html|cgi|pl|exe)$'> The check does not account for upper and lower case. Therefore, the extension of our file can be .pHp, .Php, .PhP and so on. The module creates a payload as described above and uploads it to get a Meterpreter session.