This exploit allows unauthorized users to upload any files, including PHP scripts, to the /admin/upload_files.php script in Zomplog versions 3.8.1 and below. The uploaded file will be moved to the /upload directory with a specific naming format. The /upload directory is not protected by .htaccess, allowing attackers to access the contents of the uploaded files.
The vulnerability exists in the 'news/newstopic_inc.php' file of the PMM CMS. The script does not properly validate user-supplied input before including a file. An attacker can exploit this vulnerability by sending a crafted request with a malicious URL in the 'indir' parameter, leading to remote code execution on the server.
The exploit takes advantage of a local buffer overflow vulnerability in Prime95. By sending a specially crafted buffer, an attacker can overwrite the Structured Exception Handler (SEH) to gain control of the program execution flow. This allows the attacker to execute arbitrary code or commands on the target system.
Prints the GET request between script tags on the page.
1) Create an account and go to your profile.
2) When we put "<script></script>" in the fields, "script" is replaced with null, so we can bypass this filter by using JavaScript events like "onmouseover" or "oninput". Put one of these payloads into the fields:
   1 - " oninput=alert('xss') "
   2 - " onmouseover=alert('xss') "
3) You will get an alert box inside the page (after putting something into the fields or moving the mouse over the fields).
With the CSRF vulnerability, an attacker can easily change the user's authentication. In this script we have an anti-CSRF token, so we can't change the user's information without the token. But there is a vulnerable parameter which has reflected XSS in another page of this script:
http://store.webandcrafts.com/demo/healwire/?msg= [We have Reflected XSS here]
Now we can bypass anti-csrf by this parameter and using javascript:
This Metasploit module exploits a remote code execution vulnerability in a certain component. It allows an attacker to execute arbitrary code on the target system.
This exploit allows an attacker to perform unauthorized actions on behalf of a victim user by tricking them into clicking a malicious link or visiting a website controlled by the attacker.
SuperCom - Online Shopping Ecommerce Cart 1 suffers from multiple vulnerabilities. The first vulnerability is persistent cross-site scripting where an attacker can inject malicious code into the profile update section, which will then execute when the user views their profile. The second vulnerability is cross-site request forgery where an attacker can change the user's authentication directly by creating a malicious form that submits to the update profile endpoint. The third vulnerability is authentication bypass where an attacker can bypass the authentication by using a specific username and password combination.
A token’s trust SID isn’t reset when setting a token after process creation, allowing a user process to bypass access checks for trust labels.
The xoron exploit allows an attacker to include a remote file by manipulating the phpbb_root_path parameter in the archive_topic.php file. This can be used to execute malicious code or gain unauthorized access to the system.