PunBB (PunPortal 0.1) is vulnerable to a local file inclusion vulnerability due to the lack of proper input validation. An attacker can exploit this vulnerability by sending a crafted HTTP request with a maliciously crafted pun_user[is_guest] and pun_user[language] parameter to the vulnerable application. This will allow the attacker to read arbitrary files from the server.
This exploit uses the '-l' argument to overwrite a file inside Microsoft Help and Support Center folders. Firstly, the attacker runs netcat in listen mode to drop the vbscript shell. Then, the attacker uses a malicious link to execute the shell. The malicious link contains a command to start the calculator application.
AskPert is prone to an authentication bypass vulnerability due to a failure to properly sanitize user-supplied input. An attacker can exploit this issue to gain access to the application and perform unauthorized actions. This issue affects AskPert version 1.0.0; other versions may also be vulnerable.
This exploit allows an attacker to upload arbitrary files to the vulnerable wPortfolio 0.3 application. The vulnerable page is /admin/upload_form.php, which allows an attacker to upload any file type, including a malicious PHP shell.
A SQL injection vulnerability exists in PRE JOB BOARD. An attacker can supply crafted input to bypass authentication and gain access to the application.
A vulnerability in RevSense v.1.0 allows an attacker to bypass authentication by using any email address and the password ' or ' 1=1.
This exploit allows an attacker to upload a malicious shell to the vulnerable MauryCMS version 0.53.2. The exploit uses an SQL injection vulnerability to gain access to the admin panel and then uploads the malicious shell. The malicious shell is then accessible via the URL http://host/path/file.php.
MyTopix <= 1.3.0 is vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable application. This can allow the attacker to gain access to sensitive information from the database, such as usernames and passwords.
PunBB (Private Messaging System 1.2.x) is vulnerable to multiple LFI exploits due to the lack of proper input validation. An attacker can exploit this vulnerability by sending malicious requests to the vulnerable files such as functions_navlinks.php, profile_send.php, viewtopic_PM-link.php, header_new_messages.php, etc. with the parameter pun_user[language] set to a malicious file path. This can be used to read sensitive files such as /etc/passwd.
A vulnerability exists in Alex article-engine V1.3.0 (fckeditor) which allows an attacker to upload arbitrary files. This is due to a lack of proper validation of the file type being uploaded. An attacker can exploit this vulnerability by sending a malicious file to the vulnerable script and execute arbitrary code on the server.
Services By CQR