A vulnerability in AlstraSoft Web Host Directory allows an attacker to bypass authentication by using the username 'ZoRLu' and the password ' or ' 1=1--'
An authentication bypass vulnerability exists in AlstraSoft Article Manager Pro. An attacker can exploit this vulnerability to bypass authentication and gain access to the application. The attacker can send a specially crafted HTTP request to the vulnerable application to bypass authentication. The attacker can use the username ' or ' 1=1-- and password ZoRLu to gain access to the application.
A vulnerability exists in AlstraSoft SendIt Pro which allows an attacker to upload a malicious file to the server. The attacker can upload a malicious file with a .php.pjpeg extension and access it by visiting the URL http://www.blizsoft.com/send/files/84019shell.php.pjpeg. This can be used to execute arbitrary code on the server.
A remote attacker can cause a denial of service (crash) or execute arbitrary code via a long community string in an SNMP TRAP packet.
An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. The attacker can inject arbitrary SQL code in the vulnerable parameter 'cid' of the 'showcategory.php' script. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. This can be used to disclose sensitive information from the database, modify data, or exploit further vulnerabilities in the underlying SQL server software.
A vulnerability in the Joomla com_marketplace module allows an attacker to inject arbitrary SQL commands via the 'catid' parameter. An attacker can exploit this vulnerability to gain access to sensitive information such as usernames and passwords stored in the database.
A vulnerability in the Simple RSS Reader Component 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter to administrator/components/com_rssreader/admin.rssreader.php.
A SQL injection vulnerability exists in Joomla & Mambo com_catalogproduction module. An attacker can exploit this vulnerability to gain access to the database and execute arbitrary SQL commands. The vulnerable parameter is the 'id' parameter which is passed to the 'index.php' script. An attacker can inject malicious SQL code into the 'id' parameter and execute it in the backend database.
A vulnerability in the Pre Real Estate Listings script allows an attacker to bypass authentication and upload malicious files. By sending a specially crafted HTTP request to the login.php page, an attacker can bypass authentication and gain access to the application. Additionally, an attacker can upload malicious files to the re_images directory, which is not protected by the application. This allows an attacker to upload malicious files, such as web shells, and gain access to the application.
A vulnerability exists in Joomla's com_contactinfo module, which allows an attacker to inject arbitrary SQL commands. This is done by manipulating the 'catid' parameter in a malicious SQL query. An attacker can exploit this vulnerability to gain access to sensitive information such as usernames and passwords.