The Maitra - Mail Tracking System 1.7.2 is vulnerable to SQL Injection and allows an attacker to download the database file. The vulnerability can be exploited by accessing the /application/db/maitra.sqlite file or by using the /?c=outmail&m=outmailentry&mailid=[SQL] endpoint with a malicious SQL query.
This is a proof-of-concept exploit for the MS07-055 vulnerability in the Kodak Image Viewer. By opening a specially crafted TIF/TIFF file, an attacker can execute arbitrary code on the target system. The exploit has been tested on Windows 2000 SP4 Korean Edition, but it may work on other systems with slight modifications. It is advised to open the file through the Kodak Image Viewer rather than directly in Explorer to avoid crashes.
The Data Center Audit 2.6.2 software is vulnerable to Cross-Site Request Forgery (CSRF). An attacker can exploit this vulnerability by tricking an authenticated user into visiting a malicious website that contains a crafted request to update the admin password. This can lead to unauthorized access and potential compromise of the system.
This exploit takes advantage of a stack buffer overflow vulnerability in Sony CONNECT Player M3U Playlist Processing. It allows an attacker to execute arbitrary code on the target system by crafting a malicious M3U playlist file. The exploit was discovered by Parvez Anwar and written by TaMBaRuS. It has been tested on Sony CONNECT Player (SonicStage) 4.x installed on Windows XP SP2/2k SP4. The exploit contains shellcode that executes a Windows command provided by metasploit.com. This exploit is for educational purposes only.
This exploit allows an attacker to execute arbitrary code by exploiting a buffer overflow vulnerability in XAMPP Control Panel version 3.2.2. The exploit involves creating a specially crafted file and pasting its contents into the 'Editor' field in the program.
This vulnerability allows an attacker to include a remote file in the teatro 1.6 script. The vulnerable file is pub08_comments.php and the parameter basePath is not properly validated, allowing an attacker to specify a remote file to include.
Using a web browser or a script, SSRF can be initiated against internal or external systems to conduct port scans by leveraging D-Link's MailConnect component. The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI. This can undermine accountability for where scans or connections actually came from and/or bypass the firewall, etc. It can be automated with a script or performed from a web browser.
The Paroiciel 11.20 software is vulnerable to SQL injection. An attacker can exploit this vulnerability by injecting SQL code into the 'tRecIdListe' parameter of the 'trec.php' page. This can lead to unauthorized access to the database and potential data manipulation.
This vulnerability allows an attacker to include a remote file by manipulating the SYS_PATH parameter in the sige_init.php file. By providing a malicious URL in the SYS_PATH parameter, an attacker can execute arbitrary code on the server.
The SecureTrack application is vulnerable to XML External Entity (XXE) injection. This attack is considered quite serious and can be used to retrieve confidential data, perform denial of service, execute server-side request forgery attacks, and perform port scanning through the machine on other systems. The vulnerability exists in the 'Audit' > 'Best Practices' module of the 'SecureTrack' application when creating a new Best Practices query and manipulating the 'xml' parameter in the request. When triggered, the vulnerability writes the contents of the requested file inside the name field of a best practice. This vulnerability affects every authenticated user role of the 'SecureTrack' application.