The GET variable tmp_sid has been set to http://site[dot]com/some_inexistent_file_with_long_name. It is possible for a remote attacker to include a file from local or remote resources and or execute arbitrary script code with the privileges of the web server. By injecting a custom HTTP header or by injecting a META tag, it is possible to alter the cookies stored in the browser. Attackers will normally manipulate cookie values to fraudulently authenticate themselves on a web site. By exploiting this vulnerability, an attacker may conduct a session fixation attack. In a session fixation attack, the attacker fixes the user's session ID before the user even logs into the target server, thereby eliminating the need to obtain the user's session ID afterwards.
A vulnerability exists in Joomla Component com_jb2(PostID) which allows an attacker to inject malicious SQL queries. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can result in unauthorized access to sensitive information in the database.
A security flaw was discovered in OTManager 2.4 which allows attackers to execute arbitrary code on the vulnerable system. This is done by sending a maliciously crafted URL to the vulnerable server, which then includes the malicious code in the application. The malicious code can be executed by the server, allowing the attacker to gain access to the system.
A stored XSS vulnerability exists in the "/admin.php?action=projects" section. Once the attacker specifies an XSS attack vector, like "<script>alert(0);</script>", as the "Name" property of a project then an XSS vulnerability occurs because the projects "Name" fields are stored and printed without any filtering. While the cited section poses limits on the "Name" field when reflecting the XSS payload, clicking on the edit link "/manageproject.php?action=editform&id=<projectId>" results in a page without limitations on the characters showed thus allowing complete exploitation. This vulnerability requires administrator authentication. CSRF+XSS and timing (JS) can be used to successfully exploit this vulnerability in an automated manner. An authentication bypass vulnerability exists in "/admin.php?action=users&mode=added". Directly pointing to that URL shows an error, however at the bottom of the page there is a web form that permits to create new usernames. This vulnerability requires administrator authentication. An arbitrary file upload vulnerability exists in "/managefiles.php?action=addfile". This vulnerability requires administrator authentication.
The jabber server Openfire (<= version 3.6.0a) contains several serious vulnerabilities. Depending on the particular runtime environment these issues can potentially even be used by an attacker to execute code on operating system level. Authentication to the openfire admin interface is secured by a filter in the Tomcat application server (org.jivesoftware.admin.AuthCheckFilter). This filter guarantees that access to the admin interface is only granted to authenticated users. The filter can be bypassed by manipulating the URL. The vulnerability is located in the 'search.jsp' file for SQL injection and 'login.jsp' file for Cross-Site Scripting.
X10media Mp3 Search Engine versions 1.5.5 to 1.6 are vulnerable to a remote file disclosure vulnerability. An attacker can exploit this vulnerability by encoding the URL of the file they wish to download and sending it to the download.php page. The file will be downloaded as an .mp3 extension, but can be opened with any text editor to view the contents.
A remote SQL injection vulnerability exists in ZEEMATRI v3.0. An attacker can send a specially crafted HTTP request containing malicious SQL statements to the vulnerable script bannerclick.php with the parameter adid, which will execute the malicious SQL statements in the back-end database.
Zeeways PHOTOVIDEOTUBE v1.1 is prone to an authentication-bypass vulnerability because it fails to properly authenticate users. An attacker can exploit this issue to gain access to the application and perform unauthorized actions.
DigiAffiliate version 1.4 suffers from an authentication bypass vulnerability due to a SQL injection flaw in the login.asp script. An attacker can exploit this vulnerability to gain administrative access to the application.
A vulnerability in Zeeways Shaadi Clone v2.0 allows an attacker to bypass authentication and gain access to the admin panel. This is due to a lack of authentication checks in the home.php file. An attacker can access the admin panel by directly accessing the home.php file.
Services By CQR