Explore Vulnerabilities

Explore all Exploits:

miniPortail <= 2.2 (XSS/LFI) Remote Vulnerabilities

By exploiting the vulnerability, an attacker can inject malicious JavaScript code into the search.php page, which will be executed in the browser of the victim. Additionally, an attacker can exploit the Local File Inclusion vulnerability to read arbitrary files from the server.

MindDezign Photo Gallery 2.2 (index.php id) Remote SQL Injection Vulnerability

A vulnerability exists in MindDezign Photo Gallery 2.2, which allows an attacker to inject arbitrary SQL commands via the 'id' parameter in the 'index.php' script. Magic Quotes must be turned off for the exploit to work. The exploit is triggered by sending a specially crafted HTTP request to the vulnerable script. The request contains an SQL injection payload in the 'id' parameter. The payload is then executed by the backend database, allowing the attacker to gain access to sensitive information such as usernames and passwords.

aflog 1.01 Multiple Insecure Cookie Handling Vulnerabilities

A vulnerability exists in aflog 1.01 which allows an attacker to gain access to the admin panel by setting the cookie 'aflog_auth_a' to 'A' and entering the URL '/edit_delete.php?id=1' with a POST request. This can be done by using the JavaScript code 'javascript:document.cookie = "aflog_auth_a=0; path=/"; document.cookie = "aflog_auth_a=A; path=/";' and then entering the URL '/edit_delete.php?id=1'. The vulnerable files include edit_cat.php, edit_lock.php, edit_form.php and more. The dork used to find vulnerable sites is 'powered by aflog'.

txtshop – beta 1.0 / Local File Inclusion Vulnerability

A Local File Inclusion vulnerability exists in txtshop version 1.0. The vulnerability is due to the 'language' parameter in the 'header.php' script not being properly sanitized before being used in an 'include_once' function call. This can be exploited to include arbitrary files from local resources via directory traversal attacks. Successful exploitation requires that 'register_globals' is set to 'on'.

SilverSHielD 1.0.2.34 DoS

This exploit is for SilverSHielD 1.0.2.34, which is vulnerable to a Denial of Service (DoS) attack. The exploit uses the Net::SSH2 Perl module to connect to the target host on port 22, authenticate with a username and password, and then attempt to open a directory with a long string of characters. If successful, the exploit will cause the service to crash.

CSPartner 1.0 (Delete All Users/SQL Injection) Remote Exploit

This exploit is related to the CSPartner 1.0 software. It is a remote exploit that allows an attacker to delete all users from the system by exploiting a SQL injection vulnerability in the 'gestion.php' file. The exploit works by sending a malicious request to the 'erase' parameter in the 'index.php' file. The attacker can then use the 'or' operator to bypass the authentication and delete all users from the system.

YDC (cat) Remote SQL Injection Vulnerability

An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. The malicious request contains a specially crafted SQL query that can be used to extract sensitive information from the database. The malicious query is sent in the form of a URL parameter, such as 'cat=-0+union+select+0,concat(user,0x3e,pass),0,0,0,0,0,0,0,0,0,0+FROM+iadmin--' or 'klist.php?cat=-0+uNioN+sELeCT+0,concat(user,0x3e,pass),0,0,0,0,0,0,0,0,0,0,0,0+FROM+iadmin--'.

Dorsa CMS Exploit

A SQL injection vulnerability was discovered in Dorsa CMS, a CMS written by Iranian programmers which is used by governmental websites. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. This will allow the attacker to gain access to the database and extract sensitive information such as usernames and passwords.

Recent Exploits: