This module exploits an arbitrary command execution vulnerability in Ericsson Network Location Mobile Positioning Systems. The 'export' feature in various parts of the application is vulnerable. It allows command injection by bypassing the application's preventive measures.
The vulnerability allows an attacker to store a malicious JavaScript payload in the database, which gets executed when triggered, resulting in a pop-up.
By default, the Authenticated Users group has the modify permission to Gestionale Open folders/files. A low privilege account can rename the mysqld.exe file located in the bin folder and replace it with a malicious file that would connect back to an attacking computer, giving system level privileges. The service running as Local System allows the execution of the malicious file when the computer is restarted. The application also has unquoted service path issues.
This exploit allows an attacker to retrieve sensitive information from the web.xml file in Jetty 9.4.37.v20210219 and 9.4.38.v20210224 versions. By sending a specially crafted HTTP request, an attacker can access the web.xml file containing configuration details and potentially sensitive information.
The NIMax software version 5.3.1f0 is vulnerable to a local denial of service (DoS) attack. By adding a specially crafted alias and triggering the 'ok' button, the application crashes, resulting in a denial of service condition. This PoC demonstrates the vulnerability by creating a file with a large number of 'A' characters and using it as a resource name.
The NIMax software version 5.3.1 is vulnerable to a local Denial of Service (DoS) attack. By creating a specially crafted file, an attacker can cause the NIMax application to crash, resulting in a denial of service condition.
This exploit allows an attacker to execute arbitrary JavaScript code in the context of a victim's browser. By injecting malicious code into a web page, the attacker can steal sensitive information, perform phishing attacks, or gain unauthorized access to user accounts.
The vulnerability allows an unauthenticated attacker to escalate their privileges and gain administrative access. By sending a specially crafted request, the attacker can retrieve the authentication cookies for the admin user.
The vulnerabilities in the application allow for: reading any PHP file from the server; saving files to parent and child directories and overwriting files on the server; and performing operations as an unauthenticated user with application administrator rights.
The Google SLO-Generator version 2.0.0 is vulnerable to code execution. An attacker can exploit this by supplying a specially crafted YAML file that contains malicious code. When this file is processed by the SLO-Generator, it will execute the code within the 'apply:os.system' field. This allows an attacker to execute arbitrary commands on the host system.