The Modern Script 5.0 index.php file is vulnerable to a remote SQL injection attack. By manipulating the 's' parameter in the URL, an attacker can execute arbitrary SQL queries on the database.
This vulnerability allows an attacker to inject SQL queries into the application's database, potentially gaining unauthorized access or modifying data.
The vulnerability exists due to insufficient sanitization of user-supplied input passed via the 'tID' parameter to '/index.asp' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in application's database, cause denial of service, access or modify sensitive data, exploit latent vulnerabilities in the underlying database and compromise the system.
This exploit allows an attacker to execute remote SQL injection in PMB Services version 3.4.3 or below. PMB Services is a free Integrated Library management System. The vulnerability can be exploited by an attacker to gain unauthorized access to the database and potentially retrieve or modify sensitive information.
This exploit allows an attacker to perform a remote SQL injection attack on ASPPortal version 3.1.1. It takes advantage of a vulnerability in the 'download_click.asp' script to execute arbitrary SQL queries and retrieve sensitive information from the database.
This exploit allows an attacker to execute a remote SQL injection attack on Woltlab Burning Board 2.x. By providing specific parameters, the attacker can retrieve sensitive information such as usernames, email addresses, and MD5 hashes of passwords.
The mod_visitorsgooglemap module of Visitors Google Map Lite 1.0.1 (FREE) is vulnerable to remote SQL injection. The vulnerability exists in the map_data.php file.
The vulnerability allows an attacker to inject SQL queries into the 'nid' parameter of the 'news_detail.php' script. By manipulating the query, an attacker can retrieve sensitive information such as login credentials from the admin table.
The vulnerability exists in AlefMentor 2.0, where an attacker can inject SQL queries through the 'cont_id' parameter in the 'cource.php' file. This can lead to unauthorized access or manipulation of the database.
This exploit allows an attacker to inject SQL queries through the 'idsite' parameter in the view_com.php file of the PHPMyRing web application. By manipulating the 'idsite' parameter, an attacker can extract the admin login and plain text password from the database.
Services By CQR