An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable application. This can allow the attacker to gain access to the application's database and potentially gain access to sensitive information.
An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable script. The request should contain a malicious SQL query in the 'r' parameter. This can allow the attacker to gain access to the database and execute arbitrary SQL commands.
The problem is that it is possible to upload files to a location inside the web root "/userdata" via the /editors/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php script.
aspWebAlbum 3.2 is vulnerable to SQL injection. An attacker can inject malicious SQL queries into the vulnerable parameter 'pic' and 'cat' of the album.asp page. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation of this vulnerability can allow an attacker to gain access to sensitive information from the database.
This exploit allows remote attackers to execute arbitrary code on vulnerable installations of Moodle. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of certain parameters within the application. By supplying a specially crafted parameter, an attacker can inject arbitrary code into the application. This code will be executed in the context of the web server.
Google Chrome allows files (e.g., executables) to be automatically downloaded to the user's computer without any user prompt. This proof-of-concept was created for educational purposes only. Tested on Windows Vista SP1 and Windows XP SP3 with Google Chrome (BETA).
An issue exists in how chrome behaves with undefined-handlers in chrome.dll version 0.2.149.27. A crash can result without user interaction. When a user is made to visit a malicious link, which has an undefined handler followed by a 'special' character, the chrome crashes with a Google Chrome message window 'Whoa! Google Chrome has crashed. Restart now?' It lies in dealing with the POP EBP instruction when pointed out by the EIP register at 0x01002FF4.
CS-Cart Cart is a full featured online ecommerce application written in php that allows users to build, run and promote an online store. There is unfortunately a fairly serious SQL Injection issue within CS-Cart that can be used to easily take over user and administrator accounts, as well as used to retrieve arbitrary data from the database. The vulnerable code can be found in /core/user.php, where an attacker can specify a cookie like cs_cookies[customer_user_id]=1'/*; and successfully log in as the customer with the id of 1 without ever actually authenticating.
AJ-HYIP is vulnerable to SQL injection. An attacker can exploit this vulnerability to gain access to the admin and members information. The attacker can use the following payloads to exploit this vulnerability: For admin info: www.site.me/patch/article/readarticle.php?artid=-9999999+union+select+0,1,2,3,concat(username,0x3a,admin_password),5,6,7,8+from+admin/* For members info: www.site.me/patch/article/readarticle.php?artid=-9999999+union+selct+0,1,2,3,concat(username,0x3a,password),5,6,7,8+from+members/*
Ajhyip manager script is vulnerable to a Remote SQL Injection vulnerability which allows an attacker to execute arbitrary SQL commands on the underlying database.
Services By CQR