Explore all Exploits:

Xataface WebAuction and Xataface Librarian DB Multiple Vulnerabilities.

Input passed via the '-action' parameter in 'index.php' is not properly verified. This can be exploited to disclose the full installation path. Input passed via the 'list&-table' and '-action' parameters in 'index.php' is not properly verified before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Input passed via the '-action' and 'list&-table' parameters in 'index.php' is not properly verified before it is returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of a vulnerable site. Input passed via the 'list&-lang' and '-table' parameters in 'index.php' is likewise not properly verified before it is returned to the user, allowing the same cross-site scripting attack. Input passed via the '-action' parameter in 'index.php' is not properly sanitised before being used to include files. This can be exploited to include arbitrary files from local resources. The same '-action' parameter is also not properly sanitised against remote paths, so it can be exploited to include arbitrary files from remote resources.

MYRE Real Estate Software Multiple XSS and SQL Injection Vulnerabilities

MYRE Real Estate Software is prone to multiple cross-site scripting and SQL injection vulnerabilities because it fails to properly sanitise user-supplied input. Input passed to the 'page' parameter in findagent.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Input passed to the 'country1', 'state1', and 'city1' parameters in findagent.php is not properly verified before it is returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of a vulnerable site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

WordPress A to Z Category Listing plugin <= 1.3 SQL Injection Vulnerability

A SQL injection vulnerability exists in WordPress A to Z Category Listing plugin version 1.3 and earlier. The vulnerability is due to insufficient sanitization of user-supplied input in the 'R' parameter of the 'post_retrive_ajax.php' script. An attacker can exploit this vulnerability to inject and execute arbitrary SQL commands in the application's back-end database.

WordPress WP-Filebase Download Manager plugin <= 0.2.9 SQL Injection Vulnerability

A SQL injection vulnerability exists in WordPress WP-Filebase Download Manager plugin version 0.2.9. An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable server. This request contains malicious SQL code in the 'base' parameter of the 'wpfb-ajax.php' script. This code is then executed by the vulnerable server, allowing the attacker to gain access to sensitive information.

OpenCart v1.5.1.2 <= Blind SQL Vulnerability

OpenCart v1.5.1.2 is vulnerable to Blind SQL injection. An attacker can exploit this vulnerability to gain access to the database and execute arbitrary SQL commands. The vulnerability exists due to insufficient sanitization of user-supplied input in the "path" parameter of the "index.php" script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious SQL code in the "path" parameter.

AM4SS Version 1.2 – CSRF add Admin

This exploit allows an attacker to add an admin user to the AM4SS Version 1.2 application by sending a malicious request to the users.php page. The malicious request contains the user details such as username, password, email, country, and usergroup. The attacker can then use the credentials to gain access to the application.

WordPress Community Events plugin <= 1.2.1 SQL Injection Vulnerability

The WordPress Community Events plugin version 1.2.1 is vulnerable to a SQL injection vulnerability. An attacker can exploit this vulnerability by sending a malicious POST request to the tracker.php file with a crafted 'id' parameter. This will allow the attacker to extract the version of the MySQL server running on the vulnerable system.
