
Explore Vulnerabilities

Explore all Exploits:

JAKCMS 2.0 PRO RC5 stored XSS via useragent HTTP header Injection

An attacker can exploit this vulnerability by using an intercepting proxy to modify the User-Agent HTTP header. The header is stored and displayed unsanitized in the admin logs on failed and successful logins.

T-Content Managment Multiple Vulnerability

A vulnerability in T-Content Managment allows an attacker to bypass authentication by using the user 'admin' or 1=1-- and the password ' or 1=1--. Additionally, an attacker can edit images and content by using the URLs http://path/admin/galerias/admin_fotos.php?id_tipo=0&id_relacionado=0&nombre=Novedades and http://path/admin/admin/novedades/inc_listado.php?orden=titulo respectively. Furthermore, an attacker can exploit a SQL injection vulnerability by using the URL http://path/notaevento.php?id_novedad=-1+UNION+SELECT+1,2,3,4+from+admin--.

Trustwave’s SpiderLabs Security Advisory TWSL2011-002: Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (D3G-CCR)

All D3G-CCR gateways provided by Comcast have an administrative login of 'mso' with the password of 'D0nt4g3tme'. These passwords are not provided as a part of the installation of the device and are not recommended to be changed, thus the majority of users are unaware of the default configuration. With these default credentials, internal attackers can modify device configurations to leverage more significant attacks, including redirection of DNS requests, creation of a remote VPN termination point, and modification of NAT entries. D3G-CCR gateways provided by Comcast permit CSRF attacks against numerous management pages allowing an attacker to embed in a webpage a malicious request against the gateway's management interface. Through this, an attacker can modify device configuration and enable remote administration via a telnet shell and http.

Dew-NewPHPLinks v.2.1b (index.php) Sql Injection Vulnerability

An attacker can exploit this vulnerability by sending a crafted SQL query to the vulnerable application. This can be done by appending the malicious SQL query to the vulnerable parameter in the URL. This can allow the attacker to gain access to the database and execute arbitrary commands.

Hanso Converter v1.1.0 Language File Buffer Overflow – Denial of Service

A buffer overflow vulnerability exists in Hanso Converter v1.1.0 when a specially crafted XML file is opened. An attacker can exploit this vulnerability to cause a denial of service condition. The vulnerability is due to a lack of proper validation of user-supplied data when parsing the XML file. An attacker can exploit this vulnerability by creating a malicious XML file and convincing the user to open it.

Escort und Begleitservice Agentur Script SQL Injection

The vulnerability exists due to insufficient filtering of user-supplied input in the 'custid' parameter of the 'show_profile.php' script. A remote attacker can execute arbitrary SQL commands in the application's database and gain access to sensitive data.

Qcodo Development Framework 0.3.3 Full Info Disclosure

This exploit allows an attacker to gain access to the server, database, username and password of a vulnerable Qcodo Development Framework 0.3.3 installation by exploiting a vulnerability in the codegen.php file.

Chamilo 1.8.7 / Dokeos 1.8.6 Remote File Disclosure

Two file disclosure flaws exist on these LMS platforms, which could allow an attacker registered on the system to obtain files from the server, for example the database configuration file or any other file readable by the web server. The user input to the $_GET['file'] variable was not sanitized at all and was used to open a file and send it to the user's browser; the attacker only needed to be registered and subscribed to a course. The user input in $_GET['doc_url'] was checked for path traversal attempts, but the filter is wrongly implemented and can be bypassed. Other functions that should prevent this behavior were also not working properly.

Recent Exploits: