Explore all Exploits:

maian weblog <= v4.0 Remote Blind SQL Injection Exploit

On lines 335 - 341 of index.php we see the if statement that concerns our variable $b_post. This if statement is supposed to prevent the SQL Injection vulnerability. However, the logic implemented is incorrect, as there will never be a situation where the $b_post variable that we control will ever be a 0 and a string value. Further down in the index.php page, on lines 348 - 361, we see the location of the actual vulnerable code. The page redirects after the query is executed. This way you probably won't spot the bug in your browser from a blackbox view :). There is no urldecode(), so we can't bypass magic_quotes_gpc, and the admin credentials are not stored in the database.

Esselbach Storyteller CMS System Version 1.8 [page.php] Remote SQL Injection Vulnerability

A weakness has been discovered in Esselbach Storyteller CMS System Version 1.8, where an attacker may execute arbitrary SQL statements on the vulnerable system. This may compromise the integrity of the database and/or expose sensitive information. This vulnerability is identified in the path 'page.php'.

SQL Injection and File Content Disclosure in GRAND Flash Album Gallery WordPress Plugin

The vulnerability exists due to failure in the "/wp-content/plugins/flash-album-gallery/lib/hitcounter.php" script to properly sanitize user-supplied input in the "pid" variable. An attacker can alter queries to the application SQL database, execute arbitrary queries to the database, compromise the application, access or modify sensitive data, or exploit various vulnerabilities in the underlying SQL database. The vulnerability also exists due to failure in the "/wp-content/plugins/flash-album-gallery/admin/news.php" script to properly sanitize user-supplied input in the "want2Read" variable. Successful exploitation of this vulnerability allows a remote attacker to obtain the content of an arbitrary file accessible within the context of the vulnerable application.

Movavi VideoSuite 8.0 (MediaPlayer.exe) Buffer Overflow

Movavi VideoSuite 8.0 (MediaPlayer.exe) is vulnerable to a stack-based buffer overflow vulnerability. An attacker can exploit this vulnerability by sending a specially crafted malicious m3u file to the vulnerable application. This will allow the attacker to execute arbitrary code on the target system.

EzPub – Simple Classic ASP CMS Vulnerable to SQL Injection

EzPub is a Simple Classic ASP CMS vulnerable to SQL Injection. The vulnerability can be exploited by sending a malicious SQL query to the vulnerable parameter in the view_article.asp, page.asp and display.asp files. An example of a malicious SQL query is http://site.com/view_article.asp?item=1 union select 1 from test.a

SQL Injection in BMForum

BMForum is vulnerable to an SQL injection attack due to the lack of sanitization of the user-supplied input in the 'forumid' parameter of the js_viewnew.php script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL code in the 'forumid' parameter. This can allow the attacker to gain access to sensitive information stored in the database, such as user credentials.

Recent Exploits: