There is no CSRF protection in the Open-AuditIT application. With a little help from social engineering (like sending a link via email or chat), an attacker may force the victim to click on a malicious link by which any normal user can become an Admin user. The attack can force an end user to execute unwanted actions on a web application in which they're currently authenticated. Using this vulnerability, we were able to compromise an entire user account by chaining this bug with XSS.
The Flip <= 3.0 application is vulnerable to password hash disclosure. An attacker can send a specially crafted GET request to the server and retrieve the contents of the 'var/users.txt' file, which contains the usernames and MD5 hashes of the passwords. The attacker can then use these hashes to attempt to crack the passwords and gain unauthorized access to the application.
This module exploits a SQL injection vulnerability in the com_fields component, which was introduced to the core of Joomla in version 3.7.0.
This Perl script exploits a vulnerability in the Flip <= 3.0 application that allows an attacker to create an admin account. The script takes a URL as input and prompts the user for a desired username and password. It then sends a POST request to the target URL with the necessary parameters to create the admin account. If successful, the script prints 'OK'.
This module exploits a vulnerability found in ClipBucket versions before 4.0.0 (Release 4902). A malicious file can be uploaded using an unauthenticated arbitrary file upload vulnerability. It is possible for an attacker to upload a malicious script to issue operating system commands. This issue is caused by improper session handling in the /action/beats_uploader.php file. This module was tested on ClipBucket before 4.0.0 - Release 4902 on Windows 7 and Kali Linux.
The exploit allows an attacker to execute arbitrary code by exploiting a stack-based buffer overflow vulnerability in Allok Fast AVI MPEG Splitter 1.2. By creating a specially crafted file and running the exploit code, the attacker can trigger the buffer overflow and gain control over the target system. The exploit has been tested on Windows XP SP3 and Windows 7 x64 Ultimate.
The RFI bug is present in the lang_main_album.php file of PhpBBPlus version 1.53. It can be exploited by appending a malicious URL as the value for the 'phpbb_root_path' parameter. This can allow an attacker to include remote files and potentially execute arbitrary code.
This exploit allows an attacker to create a malicious AVI file that, when opened in Easy Avi Divx Xvid to DVD Burner v2.9.11, will cause a denial of service on the local system.
This exploit allows an attacker to execute arbitrary code by exploiting a buffer overflow vulnerability in Easy CD DVD Copy v1.3.24. The vulnerability occurs when a user pastes specially crafted content in the 'Enter User Name' field during registration. This allows the attacker to overwrite the Structured Exception Handler (SEH) and gain control of the program execution flow. The exploit includes a payload that launches the Windows calculator (calc.exe) as an example. The vulnerability has been tested on Windows XP Professional SP3, Windows 7 Enterprise SP1, and Windows 10 Professional 64-bit, with different offset values.
This is a proof of concept exploit for a Denial of Service vulnerability in Dell EMC NetWorker. The vulnerability allows an attacker to crash the service, resulting in a denial of service condition.