A vulnerability in Vikingboard <= 0.2 Beta allows an attacker to register an user/admin that already exists. This is done by sending a specially crafted request to the upload/register.php page with a NULL value for the username field. An attacker can then use the same credentials to log in to the upload/login.php page.
The vulnerability exists due to insecure handling of cookies in PHP infoBoard V.7 Plus. An attacker can exploit this vulnerability to gain administrative access to the vulnerable application.
Libra PHP File Manager version <= 1.18 and 2.0 is vulnerable to local file inclusion vulnerability. An attacker can scale directories and read any file that they have permissions to. The vulnerable file is fileadmin.php.
PHP infoBoard V.7 Plus is vulnerable to Remote SQL Injection and Stored XSS. An attacker can inject malicious SQL code into the 'idcat' parameter of the 'showtopic.php' page to gain access to the database. Additionally, an attacker can inject malicious JavaScript code into the 'isname' parameter of the 'newtopic' page to perform a stored XSS attack.
K-Lite Mega Codec Pack based Local Windows Explorer DOS PoC is a proof-of-concept exploit that crashes Windows Explorer when a user tries to use, select, or highlight the attached Test7.flv file in Windows Explorer. This causes Windows Explorer to crash.
Vikingboard is a PHP-based discussion forum. A vulnerability exists in Vikingboard 0.2 Beta which allows attackers to include arbitrary local files via the 'task' parameter in the 'index.php' script. This can be exploited to disclose sensitive information or to execute arbitrary PHP code.
A local file inclusion vulnerability exists in phpOCS <= 0.1-beta3. The vulnerability is due to the application including user-supplied input without proper validation. This can be exploited to include arbitrary local files by e.g. passing 'act=../../../../../../../etc/passwd%00' in the 'act' parameter to index.php. Successful exploitation requires that 'register_globals' is enabled.
Lansuite is vulnerable to a local file inclusion vulnerability due to a lack of proper sanitization of user-supplied input. This vulnerability allows an attacker to include a file from the local system and execute arbitrary code. The vulnerability is due to the 'design' parameter in the 'index.php' script not being properly sanitized before being used. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes.
Aj auction platinum2, the last version, is vulnerable to XSS and SQL Injection. An attacker can exploit this vulnerability by sending a malicious payload to the search.php?min_cur=&product parameter. Additionally, an attacker can exploit the SQL Injection vulnerability by sending a malicious payload to the sellers_othersitem.php?seller_id= parameter.
A denial of service vulnerability exists in Microsoft Windows Wordpad when opening a specially crafted .doc file. The vulnerability is caused due to an error in the handling of .doc files and can be exploited to crash the application.
Services By CQR