
Explore Vulnerabilities

Explore all Exploits:

Sipwise C5 NGCP CSC – Click2Dial Cross-Site Request Forgery (CSRF)

The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.

GetSimple CMS My SMTP Contact Plugin 1.1.2 – CSRF to Stored XSS to RCE

The My SMTP Contact v1.1.2 plugin for GetSimple CMS suffers from a Stored Cross-Site Scripting (XSS) vulnerability that, when chained with the CSRF vulnerability in v1.1.1, allows remote unauthenticated attackers to achieve Remote Code Execution on the hosting server when an authenticated administrator visits a malicious third-party website. The PHP function htmlspecialchars() attempts to sanitize the user input, but is trivially bypassed by passing the dangerous characters as escaped hex bytes. This allows attackers to break out of the HTML rendered by the PHP engine and run arbitrary client-side code within the admin's browser after the admin submits the POST request from the CSRF attack. Since GetSimple CMS suffers from a known PHP code injection vulnerability within the themes edit page, the attacker can ride the admin's session to perform a chain of XHR requests within the admin's browser. The XHR chain triggered by the CSRF attack collects the CSRF token from the themes edit page and uses the token to exploit the PHP code injection vulnerability to upload a webshell within every page hosted by the CMS.

Multilaser Router RE018 AC1200 – Cross-Site Request Forgery (Enable Remote Access)

This exploit allows an attacker to enable remote access on a Multilaser Router RE018 AC1200 device. By submitting a form with specific parameters, the attacker can change the remote access settings of the router.

Directory Traversal Vulnerability in Aconon Mail

Aconon Mail is a commercial newsletter software that allows users to access archived emails through a web browser. The template used for processing these emails can be overwritten by any user, allowing for directory traversal attacks. An attacker can modify the 'template' form parameter in the HTTP GET request to inject arbitrary code or access sensitive files on the server.

Recent Exploits: