This exploit targets a blind SQL injection vulnerability in Lingxia I.C.E CMS. It allows an attacker to gain access to the MySQL database, including the username and hashed password. The exploit works by sending a malicious HTTP request to the vulnerable server; the request contains a SQL query that is used to extract the information from the database.
The vulnerability exists in phpMyBitTorrent 2.0.4, which is an open source web-based BitTorrent tracker written in PHP and using a MySQL database. The vulnerability allows an attacker to inject arbitrary SQL commands via the 'id' parameter in the 'confirminvite.php' script. The attacker can exploit this vulnerability to gain access to the database and execute arbitrary SQL commands.
The vulnerability exists due to a failure in the "/include/registerform.php" script: it is possible to generate an error that reveals the full path of the script. A remote user can determine the full path to the web root directory of the vulnerable application.
jSchool Advanced is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending malicious SQL queries to the application. This can allow the attacker to access sensitive information from the database.
Register a new user, go to the main panel in http://[url]/awcm/member_cp.php, edit the avatar and put 'onmouseover='alert(document.cookie)'><!--. Each time the area of the avatar is hovered over, an alert will appear, allowing for the stealing of cookies.
This exploit has zip Copied exploits of the team Corelan. A vulnerable function in CuteZip 2.1 build 9.24.1 allows an attacker to execute arbitrary code by overflowing a buffer on the stack. The vulnerable function is located at 0x0047CC0E and contains instructions such as JB SHORT, REP MOVS, JMP DWORD, LEA ECX, AND EDX, MOV AL, SHR ECX, CMP ECX, and JB SHORT.
Pixelpost is vulnerable to an SQL Injection attack when input is passed to several POST parameters (findfid, id, selectfcat, selectfmon, selectftag). The script (admin/index.php) fails to properly sanitize the input before it is returned to the user, allowing the attacker to compromise the entire DB system and view sensitive information.
The vulnerability exists in Escort Agency CMS, which is a web application developed by Escort Website Design. It allows an attacker to inject malicious SQL queries into the application, which can be used to extract sensitive information from the database. The vulnerability can be exploited by sending a specially crafted HTTP request containing a malicious SQL query to the application. The application will then execute the query and return the results to the attacker.
TaskFreak! suffers from multiple XSS vulnerabilities when parsing input to multiple parameters in different scripts. The vulnerable POST parameters are 'sContext', 'sort', 'dir' and 'show' through index.php. The GET parameters 'dir' and 'show' through 'print_list.php' are also vulnerable. The header variable 'referer' is vulnerable through the rss.php script. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user's browser session.
Because parameterized queries were not used, and adequate input sanitization was not done on the catids parameter on the advanced search page, it is possible for an attacker to run limited SQL commands on the server. Furthermore, when exploited with invalid SQL, it provides the full stack trace. This gives the attacker the exact version of Kunena, PHP, and MySQL along with the path to kunena.search.class.php. This path often starts with /home/username, which discloses the username, which can then be used to launch further attacks.