The vulnerability exists due to failure in the "forum_admin.php" script to properly sanitize user-supplied input in GET parameter. Attacker can alter queries to the application SQL database, execute arbitrary queries to the database, compromise the application, access or modify sensitive data, or exploit various vulnerabilities in the underlying SQL database.Attacker can use browser to exploit this vulnerability.
The bxcp 0.299 exploit is a PHP script that exploits a vulnerability in the bxcp software version 0.299. It allows an attacker to execute arbitrary code on the target system by injecting malicious code through a specially crafted HTTP GET request. The exploit takes advantage of a SQL injection vulnerability in the 'show' parameter of the 'index.php' file, allowing the attacker to retrieve sensitive information such as user passwords.
The 'fileManager.cfc' component in affected Mura CMS versions does not properly sanitize the 'FILEID' parameter, allowing an attacker to access arbitrary files on the server.
The Microsoft Cinepak Codec CVDecompress function in iccvid.dll in Windows XP SP3 allows remote attackers to execute arbitrary code via a crafted AVI file with Cinepak codec data, which triggers a heap-based buffer overflow.
This exploit takes advantage of a vulnerability in Mozilla Firefox that allows remote code execution. By using a specially crafted CSS file, an attacker can execute arbitrary code on the victim's system.
The 'com_elite_experts' component is a module for the Joomla! and Mambo content managers. It is vulnerable to SQL Injection.
This is a Perl script that exploits a SQL injection vulnerability in Zorum forum version 3.5. It allows an attacker to retrieve the username and password of a user by brute forcing the password hash.
This exploit targets a memory corruption vulnerability in Microsoft Excel's HFPicture Record parsing. It allows an attacker to corrupt memory and potentially execute arbitrary code.
This exploit allows remote code execution in Adobe Acrobat Reader and Flash through the 'newfunction' vulnerability.
The Adobe Shockwave Director is vulnerable to a memory corruption vulnerability in the tSAC Chunk. An attacker can exploit this vulnerability to execute arbitrary code on the target system. The impact of this vulnerability is considered to be medium to high.
Services By CQR