
Explore Vulnerabilities


Explore all Exploits:

Harlandscripts Mypage.php SQL Injection

Harlandscripts Mypage.php is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to manipulate SQL queries to view, add, modify or delete records in the back-end database, affecting the application's integrity.

PDF417 ActiveX

The PDF417 ActiveX control contains two methods, SaveAsBMP() and SaveAsWMF(). Both of these methods can be used to overwrite arbitrary files on the system. The attacker can specify the file name and the location of the file to be overwritten. This vulnerability affects all products of MW6 Technologies, Inc.

WebCards <= 1.3 Remote SQL Injection Vulnerability

WebCards 1.3 and prior versions suffer from a MySQL injection in the admin login page. This allows remote attackers to gain access to the administration area without having a valid user/pass combination. All that is needed is the valid username. The default admin username is "admin", so the below SQL syntax should gain entry to a vulnerable site. Not all sites are vulnerable; it relies on Magic Quotes and other script settings for this to work. I tested on about 15 sites, and only 2 of those 15 were vulnerable. Once in the administration area, it's possible to get a very easy shell, which is explained in the "Notes" section of this document.

WordPress Plugin e-Commerce <= 3.4 Arbitrary File Upload

The vulnerability allows an attacker to upload a malicious file to the /wp-content/plugins/wp-shopping-cart/ directory of a vulnerable WordPress Plugin e-Commerce version <= 3.4. The vulnerability no longer exists in the later versions of the plugin due to a code rewrite.

e107 Plugin fm pro v1 Multiple Remote Vulnerabilities

The e107 Plugin fm pro v1 is vulnerable to multiple remote vulnerabilities. These include Remote File Disclosure, Remote File Upload, and Local Directory Traversal. The Remote File Disclosure vulnerability allows an attacker to view any file on the server. The Remote File Upload vulnerability allows an attacker to upload a malicious PHP file to the server. The Local Directory Traversal vulnerability allows an attacker to view, rename, delete, and edit any folder or file on the server.
