A vulnerability in Cyberfolio <= 7.12.2 allows an attacker to include local files by manipulating the 'theme' parameter in the 'css.php' script. The vulnerability is due to insufficient sanitization of user-supplied input in the 'theme' parameter.
This exploit is used to gain access to the password of a user in the Mambo Component n-form(form_id) by using a blind SQL injection. The exploit is written in Perl and uses the LWP::UserAgent module to send a malicious HTTP request to the vulnerable server. The malicious request contains a substring of the user's password and the response is used to determine the character of the substring. This process is repeated until the entire password is obtained.
V3 Chat - Profiles/Dating Script v3.0.2 is prone to an insecure cookie handling vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to gain administrative access to the application.
ZEEJOBSITE v2.0 is vulnerable to a remote file upload vulnerability. An attacker can register to the site and add malicious code to the head of a shell file. The attacker can then upload the shell file as a profile photo and access the shell file by accessing the photo link.
Using the username ' or ' 1=1 and password ' or ' 1=1, an attacker can bypass the authentication of the V3 Chat - Profiles/Dating Script v3.0.2.
The DSL connection of some 2wire routers is dropped when a request is made to /xslt with the value %X, where X is any non-alphanumeric character.
When register_globals is enabled, it is possible to include arbitrary files from local or remote resources.
A vulnerability in ZEEPROPERTY v1.0 allows an attacker to upload a malicious file and execute XSS attacks. An attacker can register to the site, add malicious code to the head of a shell file, upload the file, and then access the file via a direct link. The attacker can then use the link to execute XSS attacks.
This exploit provides a simple shell by exploiting weak filtering in the inc/inc_header.php and inc/inc_fnctions.php files of MemHT Portal <= 4.0. The exploit requires that MySQL be able to write to a file, and it requires the full server path to the portal.
It is possible to bypass authentication by modifying the Host header. If you use a Host that is not the authentic one it will not require authentication. http://189.255.255.255./ would bypass authentication too. http://189.255.255.255./x.cfg downloads the full router configuration.