
Explore Vulnerabilities


Explore all Exploits:

Web Calendar System v 3.12/3.30

The vulnerability is a combination of a remote bypass exploit and a remote XSS exploit. Both can be triggered by sending a specially crafted HTTP request to the vulnerable application.

TxtBlog (index.php m) Local File Inclusion Vulnerability

A vulnerability exists in TxtBlog v.1.0 Alpha that allows an attacker to include arbitrary files from the local system. It is caused by a lack of proper sanitization of user-supplied input to the 'y' and 'm' parameters in the 'index.php' script. An attacker can exploit it by sending a specially crafted HTTP request containing directory traversal sequences (e.g. '../') to the vulnerable script.

stararticles blind sql injection Vulnerability

Many of the pages of the stararticles application are vulnerable to blind SQL injection. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable page. For example, a request like http://www.kalptarudemos.com/demo/stararticle/article.download.php/1090%20and%20substring(@@version,1,1)=5 can be used to check if the application is vulnerable to blind SQL injection.

Post Affiliate Pro v.3 (index.php md) <= Blind $ql Injection

Post Affiliate Pro v.3 is vulnerable to Blind SQL Injection. An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable parameter 'umprof_status' in the 'index.php' file. This can allow the attacker to gain access to the database and execute arbitrary code.

SQL Injection Vulnerability in POST Form

A SQL injection vulnerability exists in the POST form of CMS Ortus 1.12 and 1.13. An attacker can exploit this vulnerability by registering on the website, authenticating, and then editing the user profile. The attacker can then inject malicious SQL code into the “City” field to gain admin rights and access the admin area.

Jamit Job Board v.3 (index.php show_emp) <= Blind $ql Injection

Jamit Job Board v.3 is vulnerable to Blind SQL Injection. An attacker can exploit this vulnerability by sending a crafted SQL query to the vulnerable parameter 'show_emp' in the 'index.php' page. This can allow the attacker to gain access to the database and execute arbitrary SQL commands.

FuzzyLime 3.03 Local File Include PoC

The vulnerability exists due to insufficient filtration of user-supplied input passed via the 'p' parameter to the '/code/track.php' script. A remote attacker can send a specially crafted HTTP request with a malicious 'p' parameter value and execute arbitrary PHP code on the vulnerable system.

Recent Exploits: