A Blind SQL Injection vulnerability exists in the Calc Builder component of Joomla. An attacker can send a specially crafted request to the vulnerable application in order to extract sensitive information from the database. The vulnerable parameter is the ‘id’ parameter which can be manipulated to inject malicious SQL queries. An example of a malicious request is ‘option=com_calcbuilder&controller=calcbuilder&format=raw&id=3 and+1=1&fld_5=C’.
Burning Board 3.1.5 is vulnerable to Full Path Disclosure. An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable application. This will allow the attacker to view the full path of the application.
An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable application. The attacker can inject malicious SQL queries in the vulnerable parameter and gain access to the database. This can be used to extract sensitive information from the database.
Some Local File inclusion vulnerabilities exist in Component A Cool Debate 1.0.3. The vulnerability is in the line: require_once $path; The variable $path is not sanitized and can be manipulated to include local files. An attacker can include local files and execute arbitrary code on the server.
AiCart 2.0 is vulnerable to multiple SQL Injection and XSS vulnerabilities. An attacker can inject malicious SQL queries and XSS payloads into the vulnerable parameters of the application. This can lead to the compromise of the application and the underlying system.
This module exploits a use-after-free vulnerability in Internet Explorer. The vulnerability occurs when an invalid <object> tag exists and other elements overlap/cover where the object tag should be when rendered (due to their styles/positioning). The mshtml!CObjectElement is then freed from memory because it is invalid. However, the mshtml!CDisplay object for the page continues to keep a reference to the freed <object> and attempts to call a function on it, leading to the use-after-free.
An attacker could inject malicious HTML/JS through a SQL injection flow in the adsearch.php. The SQL injection flaw exists in the 'maxprice' field. The SQL injection attack cannot be elevated, so the attacker leverages the SQL injection to trigger an error that would write the malicious HTML/JS to the error log. The XSS attack happens when the admin or any user capable of viewing the error log from the ACP.
Catalog Builder is vulnerable to Blind SQL Injection. The vulnerability exists in the 'cat_id' parameter of the 'main.php' script. An attacker can inject malicious SQL queries in the 'cat_id' parameter and execute them in the backend database. This can be exploited to gain access to sensitive information from the database.
A vulnerability in Adobe Reader/Acrobat could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to a memory corruption issue when processing a specially crafted PDF file. An attacker could exploit this vulnerability by convincing a user to open a malicious PDF file. Successful exploitation could result in a DoS condition.
WebSphere is IBM's integration software platform. It includes the entire middleware infrastructure --such as servers, services, and tools-- needed to write, run, and monitor 24x7 industrial-strength, on demand Web applications and cross-platform, cross-product solutions. WebSphere Application Server is the base for the infrastructure; everything else runs on top of it. The administrative console of IBM WebSphere Application Server is vulnerable to Cross-Site Request Forgery (CSRF) attacks, which can be exploited by remote attackers to force a logged-in administrator to perform unwanted actions on the IBM WebSphere administrative console, by enticing him to visit a malicious web page.
Services By CQR