header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

AlstraSoft Article Manager Pro auth bypass

An authentication bypass vulnerability exists in AlstraSoft Article Manager Pro. An attacker can exploit this vulnerability to bypass authentication and gain access to the application. The attacker can send a specially crafted HTTP request to the vulnerable application to bypass authentication. The attacker can use the username ' or ' 1=1-- and password ZoRLu to gain access to the application.

AlstraSoft SendIt Pro Remote File Upload

A vulnerability exists in AlstraSoft SendIt Pro which allows an attacker to upload a malicious file to the server. The attacker can upload a malicious file with a .php.pjpeg extension and access it by visiting the URL http://www.blizsoft.com/send/files/84019shell.php.pjpeg. This can be used to execute arbitrary code on the server.

Business Directory Script (cid) Remote SQL Injection Vulnerability

An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. The attacker can inject arbitrary SQL code in the vulnerable parameter 'cid' of the 'showcategory.php' script. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. This can be used to disclose sensitive information from the database, modify data, or exploit further vulnerabilities in the underlying SQL server software.

Joomla & Mambo com_catalogproduction (id) SQL injection vulnerability!

A SQL injection vulnerability exists in Joomla & Mambo com_catalogproduction module. An attacker can exploit this vulnerability to gain access to the database and execute arbitrary SQL commands. The vulnerable parameter is the 'id' parameter which is passed to the 'index.php' script. An attacker can inject malicious SQL code into the 'id' parameter and execute it in the backend database.

Pre Real Estate Listings (login.php) ByPass /File Upload

A vulnerability in the Pre Real Estate Listings script allows an attacker to bypass authentication and upload malicious files. By sending a specially crafted HTTP request to the login.php page, an attacker can bypass authentication and gain access to the application. Additionally, an attacker can upload malicious files to the re_images directory, which is not protected by the application. This allows an attacker to upload malicious files, such as web shells, and gain access to the application.

Joomla com_contactinfo(catid) SQL-injection vulnerability

A vulnerability exists in Joomla's com_contactinfo module, which allows an attacker to inject arbitrary SQL commands. This is done by manipulating the 'catid' parameter in a malicious SQL query. An attacker can exploit this vulnerability to gain access to sensitive information such as usernames and passwords.

Recent Exploits: