A blind SQL injection vulnerability exists in PhpWebGallery 1.3.4. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database.
Sports Clubs Web Panel 0.0.1 is vulnerable to SQL Injection. This vulnerability is due to insufficient sanitization of user-supplied input in the 'id' parameter of the 'draw-view.php' and 'draw-edit.php' scripts. An attacker can exploit this vulnerability to gain access to the database and execute arbitrary SQL queries. The attacker can also gain access to sensitive information such as usernames and passwords.
Maxthon Browser 2.1.4.443 is vulnerable to a remote denial of service attack. By exploiting a vulnerability in the browser, an attacker can cause the browser to crash. This is achieved by using a malicious JavaScript code which adds a malicious website to the browser's favorites list. This causes the browser to crash.
An SQL injection vulnerability exists in Autodealers CMS AutOnline. The vulnerability is due to the application failing to properly sanitize user-supplied input to the 'id' parameter in the 'index.php' script. An attacker can exploit this vulnerability to inject and execute arbitrary SQL commands in the application's back-end database, potentially resulting in the manipulation or disclosure of arbitrary data. The attacker can also leverage this issue to gain access to the application with administrative privileges.
A vulnerability exists in minb CMS which allows an attacker to execute arbitrary code on the vulnerable system. The vulnerability is due to insufficient sanitization of user-supplied input in the 'index.php' script. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable system. Successful exploitation of this vulnerability can result in arbitrary code execution on the vulnerable system.
PhsBlog v0.2 is vulnerable to a Bypass Sql injection Filtering Exploit. An attacker can exploit this vulnerability to gain access to the database and extract sensitive information such as usernames and passwords.
D-iscussion Board 3.01 is vulnerable to a local file inclusion vulnerability. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow an attacker to include a local file on the server, which can lead to the disclosure of sensitive information or the execution of arbitrary code.
Sports Clubs Web Panel 0.0.1 is vulnerable to a local file inclusion vulnerability. An attacker can exploit this vulnerability by sending a crafted HTTP request with a malicious file path in the 'p' parameter. This can allow an attacker to read sensitive files on the server.
An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database, such as usernames and passwords, or even execute arbitrary system commands on the server.
Jeremy Brown discovered a vulnerability in Adobe Acrobat 9 which allows remote attackers to cause a denial of service via a crafted URI. The vulnerability exists due to the application failing to properly handle certain URIs. An attacker can exploit this vulnerability by enticing a user to open a malicious URI.
Services By CQR