The problem is that it is possible to upload files to a location inside the web root "/userdata" via the [path]/fck/editor/filemanager/upload/php/upload.php script.
Article Script allows users to publish their own articles or from the publishers or authors. Aministrator can go to admin page to edit, delete or manage articles, authors and categories. and the member can post articles as an author or just can read the articles. SQL Injection in 'articles.php' in the 'aIDS' parameter and Cross Site Scripting in 'articles.php' in the 'aIDS' parameter.
CMSBuzz is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability to manipulate SQL queries by injecting arbitrary SQL code.
A directory traversal vulnerability exists in Microworld Mailscan for Mail Servers version 5.6.a with espatch1. An attacker can exploit this vulnerability to gain access to the ini file of the application and gain important data. The password algorithm is weak and can be exploited using a specially crafted exploit.
stash-1.0.3 suffers from insecure cookie handling, when a admin login is successful the script creates a cookie to show the rest of the admin area the user is already logged in. The bad thing is the cookie doesn't contain any password or anything alike, therefor we can craft a admin cookie and make it look like we are logged in as a legit admin.
Creator CMS 5.0 is vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability by sending a specially crafted SQL query to the vulnerable application. This can allow the attacker to gain access to the database and execute arbitrary code. The POC for this vulnerability is www.site.com/index.asp?sideid=[SQL], where [SQL] is a specially crafted SQL query. An example of such a query is 1+union+select+concat(username,0x3a,password),2,3+from+login/*. An attacker can also upload an ASP shell through the file manager.
Hot Links was the initial script developed by Mr CGI Guy back in 2001 as a simple way to manage outgoing links. It intially was introduced as Hot Links Lite and was distributed for free. SQL Injection in 'report.php' in the 'id' parameter. Cross Site Scripting in 'report.php' in the 'id' parameter. PoC: http://localhost/path/report.php?id=-1/**/union/**/select/**/version(),2,3-- http://localhost/path/report.php?id=[XSS]
A vulnerability in Stash v1.0.3 allows an attacker to bypass the authentication process and gain access to the admin panel. Additionally, the attacker can also access the config.php file which contains sensitive information such as database credentials.
Alstrasoft Forum is vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability by sending a specially crafted SQL query to the vulnerable parameter 'catid' in the 'forum_catview' menu. This can allow an attacker to gain access to the admin and user credentials.
This vulnerability allows an attacker to inject malicious SQL commands into vulnerable web applications. It is possible to exploit this vulnerability by sending malicious SQL commands to the vulnerable web application via the 'cid' parameter.
Services By CQR