The Aim Web Design website is vulnerable to multiple vulnerabilities including XSS Injection and HTML Injection. These vulnerabilities can be exploited to inject malicious code into the website and potentially compromise user data.
-9999+union+all+select+1,group_concat(username,char(58),password)v3n0m,3,4,5+from+jos_users--
The Joomla Component My Car has multiple vulnerabilities including XSS, Information Disclosure, and Possible SQL Injection. The XSS vulnerability can be exploited by manipulating the 'modveh' parameter in the 'index.php?option=com_mycar&task=1&pagina=0&ordine=preveh&modveh=[XSS]' URI. The Information Disclosure vulnerability can be exploited by manipulating the parameters and URLs, which reveal SQL errors and website path information. The Possible SQL Injection vulnerability can be triggered by using the 'index.php?option=com_mycar&task=1&pagina=-1' URI.
The Easy Address Book WebServer 1.2 is vulnerable to CSRF attacks. An attacker can trick a user into visiting a malicious website that performs actions on the Easy Address Book WebServer on behalf of the user without their consent or knowledge.
This exploit demonstrates how to overwrite the Structured Exception Handling (SEH) chain in the Webby Webserver. By sending a specially crafted HTTP request, an attacker can overwrite the SEH chain and potentially gain control of the program's execution flow.
The webloader v8 script is vulnerable to SQL injection. The 'vid' parameter in the 'vidgoster.php' script is not properly sanitized, allowing an attacker to inject SQL code into the query and manipulate the database.
The vulnerability exists in the id parameter of Microsoft Outlook Web Access (OWA) version 8.2.254.0. Attackers can exploit this vulnerability to disclose sensitive information.
This code is for educational/testing purposes by authorized persons on networks systems setup for such purposes. The code crashes services.exe on the target, effectively bringing down the target against which it's run.
The Open&Compact Ftp Server 1.2 is vulnerable to a remote denial of service attack. By sending a specially crafted "PORT" command, an attacker can cause the server to crash, resulting in a denial of service condition.
The Spaw Editor versions 1.0 and 2.0 are vulnerable to remote file upload. The exploit allows attackers to upload arbitrary files to the server. This can lead to remote code execution or unauthorized access to sensitive information.
Services By CQR