An issue was discovered in the XCloner Backup and Restore plugin before 4.2.13 for WordPress. It gave authenticated attackers the ability to modify arbitrary files, including PHP files. Doing so would allow an attacker to achieve remote code execution. The xcloner_restore.php write_file_action could overwrite wp-config.php, for example. Alternatively, an attacker could create an exploit chain to obtain a database dump.
This exploit allows an attacker to read arbitrary files on a target system using the ES File Explorer app. The vulnerability is identified by CVE-2019-6447. By sending a specially crafted request to the app, an attacker can bypass file access restrictions and read files that they should not have access to. This can lead to unauthorized disclosure of sensitive information.
The SAPSprint service in SAPSprint.exe in SAPSprint 7.60 on Windows 10 Enterprise 64-bit allows local users to gain privileges via an unquoted service path vulnerability.
A successful attempt to exploit this vulnerability requires the attacker to insert an executable file into the service path undetected by the OS or some security application. When restarting the service or the system, the inserted executable will run with elevated privileges.
A successful attempt to exploit this vulnerability requires the attacker to insert an executable file into the service path undetected by the OS or some security application. When restarting the service or the system, the inserted executable will run with elevated privileges.
CVE-2020-14871 is a critical pre-authentication (via SSH) stack-based buffer overflow vulnerability in the Pluggable Authentication Module (PAM) in Oracle Solaris. PAM is a dynamic authentication component that was integrated into Solaris back in 1997 as part of Solaris 2.6. The vulnerability received a CVSSv3 score of 10.0, the maximum possible score.
A successful attempt to exploit this vulnerability requires the attacker to insert an executable file into the service path undetected by the OS or some security application. When restarting the service or the system, the inserted executable will run with elevated privileges.
The Disk Savvy software version 13.6.14 is affected by an unquoted service path vulnerability. This vulnerability could allow an attacker to execute arbitrary code with elevated privileges.
The Cotonti Siena 0.9.19 application is vulnerable to stored cross-site scripting (XSS) attacks. An attacker can exploit this vulnerability by entering a malicious payload in the 'maintitle' parameter in the Configuration tab of the Admin Panel. When the payload is saved and the home page is accessed, the XSS attack is triggered, allowing the execution of arbitrary JavaScript code.
The Disk Sorter Server software version 13.6.12 is vulnerable to an unquoted service path vulnerability. This vulnerability occurs when the service path is not surrounded by quotation marks. An attacker with local access to the system could potentially exploit this vulnerability to execute arbitrary code with elevated privileges.
Services By CQR