
Explore Vulnerabilities


Explore all Exploits:

CodeDB (list.php lang) Local File Inclusion Vulnerability

CodeDB is prone to a local file inclusion vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to view sensitive files on the affected computer, potentially resulting in the disclosure of sensitive information. The issue affects the 'list.php' script, where the 'lang' parameter is vulnerable to this attack.

Scripteen Free Image Hosting Script V1.2.* (cookie) Admin Password Grabber Exploit

This exploit allows an attacker to gain access to the admin panel of Scripteen Free Image Hosting Script V1.2.* by exploiting a cookie injection vulnerability. The attacker can send a malicious cookie to the server and gain access to the admin panel.

ITechBids 7.0 Gold Multiple Remote Vulnerabilities

A cross-site scripting (XSS) vulnerability exists in the forward_to_friend.php file, which can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. Remote SQL injection vulnerabilities exist in the sellers_othersitem.php, classifieds.php and shop.php files, which can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

MFORUM 0.1a Arbitrary Add-Admin Vulnerability

MFORUM 0.1a has a vulnerability that escalates a user's privilege to administrator privilege. The vulnerability is in 'Control Panel - Edit your profile' (http://[Target]/[mforum_path]/usercp.php?mode=edit_profile), where code can be injected into various fields (City, Interest, Email, Icq, msn, Yahoo Messenger). This allows the account to use the Admin Control Panel (http://[Target]/[mforum_path]/admin/index.php) with administrative privilege.

DNX Exploit

UltraStats is a very flexible log analyzing tool for Call of Duty 2 server logfiles. It is able to parse and consolidate the information it can gather from these logs and put it into a MySQL database with a very efficient and highly optimized database layout. A vulnerability exists in the $_GET['id'] parameter in players-detail.php near line 52, which allows an attacker to execute arbitrary code on the vulnerable system.

Recent Exploits: