NetSaro Enterprise Messenger Server v2.0 is prone to multiple cross-site scripting vulnerabilities as the user-supplied input received via certain parameters is not properly sanitized. This can be exploited by submitting specially crafted input to the affected software. Successful exploitation could allow the attacker to execute arbitrary script code within the user's browser session in the security context of the affected site.
A SQL injection vulnerability exists in WordPress WP Bannerize plugin version 2.8.6 and earlier. An attacker can send a specially crafted HTTP POST request with an X-Requested-With header set to XMLHttpRequest to the ajax_clickcounter.php script, which is vulnerable to SQL injection. This can allow an attacker to execute arbitrary SQL commands on the underlying database.
WordPress Donation plugin version 1.0 is vulnerable to a SQL injection vulnerability. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the exporttocsv.php script with a malicious did parameter. This will allow the attacker to execute arbitrary SQL commands on the underlying database.
This module exploits a stack based buffer overflow in the Citrix Gateway ActiveX control. Exploitation of this vulnerability requires user interaction. The victim must click a button in a dialog to begin a scan. This is typical interaction that users should be accustom to. Exploitation results in code execution with the privileges of the user who browsed to the exploit page.
The Wordpress image-gallery-with-slideshow plugin version 1.5 is vulnerable to arbitrary file upload and SQL injection. An attacker can exploit this vulnerability by sending a malicious file to the upload-file.php script, which is then uploaded to the server and stored in the database. The attacker can then use the SQL injection vulnerability to execute arbitrary SQL commands on the database.
The grapefile plugin version 1.1 for Wordpress is vulnerable to an arbitrary file upload vulnerability. This vulnerability allows an attacker to upload malicious files to the server, such as a web shell, which can be used to gain remote access to the server. The vulnerability exists due to the lack of proper input validation in the grapeupload.php, grapeupload2.php, grapeupload3.php, and grapeupload4.php files. An attacker can exploit this vulnerability by sending a specially crafted HTTP POST request containing a malicious file to the vulnerable server.
The WordPress Couponer plugin version 1.2 and below is vulnerable to a SQL injection vulnerability. An attacker can exploit this vulnerability by sending a crafted HTTP request to the print-coupon.php script with a malicious ID parameter. This will allow the attacker to execute arbitrary SQL queries on the underlying database.
A SQL injection vulnerability exists in WordPress PureHTML plugin version 1.0.0 due to the misuse of $wpdb->prepare() function. An attacker can send a specially crafted POST request to the alter.php script with the action parameter set to delete and the id parameter set to -1' AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)--%20, which will allow the attacker to execute arbitrary SQL commands.
The vulnerability exists due to misusage of $wpdb->prepare() in the bulkcrawl.php script, which can be exploited to manipulate SQL queries by injecting arbitrary SQL code. This can be exploited to disclose the content of the database, to gain access to the administrative panel, etc.
The vulnerability exists due to insufficient sanitization of user-supplied input in the 'post_gallery' parameter of the 'playlist.php' script. A remote attacker can send a specially crafted HTTP request to the vulnerable script and execute arbitrary SQL commands in application's database, cause disclosure of sensitive information, modify data and compromise the application.
Services By CQR