
Explore Vulnerabilities

Explore all Exploits:

PHP Classified ads software

The PHP Classified ads software is vulnerable to blind SQL injection. An attacker can exploit this vulnerability by sending a maliciously crafted request to the browsecats.php page in the cid parameter. The attacker can then use the substring() function to determine the version of the software and gain access to the admin panel.

PHP link Directory software SQL Injection Vulnerability

The vulnerability exists due to insufficient filtering of user-supplied data passed via the 'sbcat_id' parameter to the '/showcats.php' script. A remote attacker can execute arbitrary SQL commands in the application's database, cause a denial of service, access or modify sensitive data, exploit various vulnerabilities in the underlying SQL server software, etc.

Comerciosonline CMS SQLi

Comerciosonline CMS is vulnerable to SQL injection. An attacker can exploit this vulnerability by sending malicious SQL queries to the database server through the web application. This can be done by manipulating the input parameters of the application. For example, an attacker can send a malicious SQL query to the application by appending it to the URL parameter 'codf' in the 'pp_productos.php' page. Additionally, an attacker can also exploit the URL redirection vulnerability in the 'anuncioredir.php' page by manipulating the 'redir' parameter.

Xnova Legacies 2009.2 CSRF

If a moderator visits a malicious link, they can grant themselves admin privileges, allowing them to control the game. The attack URL is http://SERVER/admin/paneladmina.php?result=usr_level&player=PLAYER&authlvl=3, where SERVER and PLAYER are replaced with the appropriate values.

MultiPowUpload v 2.1 Remote File Upload Vulnerability

A vulnerability exists in MultiPowUpload v 2.1 which allows an attacker to upload a malicious file to the server. By clicking the 'Browse' button and selecting a malicious file, the attacker can upload the file to the server. The malicious file can then be accessed at http://localhost/[path]/FileProcessingScripts/PHP/UploadedFiles/[SHELL.php].

SAP Crystal Report Server 2008 – Directory Traversal

SAP Crystal Report Server 2008 contains a variety of features with which users can manage and share interactive reports and dashboards, as well as provide access to them via the Internet. A directory traversal vulnerability was found in the script qa.jsp. With this vulnerability, an authenticated attacker can read any file on the server.

Froxlor v 0.9.15 Remote File Include Vulnerability

Froxlor v 0.9.15 is vulnerable to a remote file inclusion vulnerability. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. The malicious request contains a URL in the 'id' parameter of the 'customer_ftp.php' script. This URL points to a malicious file which is then included and executed on the vulnerable server.
