Explore all Exploits:

miniBloggie 1.0 (del.php) Remote Blind SQL Injection Exploit

miniBloggie 1.0 is vulnerable to a remote blind SQL injection vulnerability due to the lack of sanitization of the 'post_id' parameter in the 'del.php' file. An attacker can exploit this vulnerability to execute arbitrary SQL code on the vulnerable application's database.

MRBS Blind SQL Injection Vulnerability

A blind SQL injection vulnerability was discovered in the Meeting Room Booking System (MRBS) that allows an attacker to inject malicious SQL queries into the application. The vulnerability exists in the 'month.php', 'day.php' and 'week.php' scripts. An attacker can exploit it by sending a specially crafted HTTP request containing a malicious SQL query to these scripts, which can allow the attacker to gain access to sensitive information from the database.

zeeproperty (adid) Remote SQL Injection Vulnerability

An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application through the 'adid' parameter of the 'bannerclick.php' script. The request contains a specially crafted SQL query that can be used to extract sensitive information from the database.

WordPress stnl_iframe remote sql injection vulnerability

A remote SQL injection vulnerability exists in the WordPress plugin stnl_iframe.php, due to insufficient sanitization of user-supplied input to the 'newsletter' parameter. An attacker can exploit it by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable script, gaining access to the database and extracting sensitive information such as usernames, passwords, and emails.

Hummingbird Deployment Wizard 2008 (DeployRun.dll) Arbitrary File Execution(2)

Hummingbird Deployment Wizard 2008 (DeployRun.dll) is vulnerable to arbitrary file execution. The vulnerable method is PerformUpdateAsync (ByVal ExecAfterComplete As String). It has been tested on a fully patched Windows XP Professional SP3 with Internet Explorer 7.

Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote DoS

A denial of service vulnerability exists in Solaris 9 due to a flaw in the taddr2uaddr() function of the Portmapper RPC service. By sending a specially crafted XDR-DECODE request, a remote attacker can cause a segmentation fault in the service, resulting in a denial of service.

Hummingbird Deployment Wizard 2008 (DeployRun.dll) Registry Values Creation/Change

Hummingbird Deployment Wizard 2008 (DeployRun.dll) is vulnerable to registry value creation and modification. The vulnerable method is Sub SetRegistryValueAsString (ByVal Path As String, ByVal v As String). This exploit was tested on a fully patched Windows XP Professional SP3 with Internet Explorer 7.

Recent Exploits: