This Board Software suffers from some not correctly verified variables which are used in SQL Querys. An Attacker can easily get sensitive information from the database by injecting unexpected SQL Querys.
The IMAP service contains a buffer overflow in the APPEND command. An attacker can send a specially crafted IMAP command with an overly long string to the vulnerable server, causing a denial of service.
SebracCMS contains two major SQL injection vulnerabilities: Unsanitazed POST-variables in SQL queries when logging users in. This allows login access without proper credentials. And unsanitized GET-variables in SQL queries when loading articles. This allows an attacker to read all usernames and passwordhashes in the database. Using admin' OR '1'='1 as the username will allow login without proper registered credentials. The second and far more serious SQL Injection is in cms/form/read.php. This vulnerability allows an attacker to reveal all users and their md5-password hashes. Using 1' UNION ALL SELECT uname, uname, uname, pw, uname FROM sbc_user WHERE '1'='1 as the GET-variable 'recid' reveals the first post along with all registered users and their passwordhashes.
This exploit is used to gain access to the admin user of a Joomla Component Xe webtv. It uses a blind SQL injection vulnerability to exploit the system. The exploit takes the host, path, category value and valid tv id as arguments. It then sends a GET request to the host with the given path and the category and tv id as parameters. If the exploit is successful, it will return the admin user of the system.
A vulnerability in Joomla Component beamospetition allows an attacker to execute arbitrary SQL commands via the 'pet' parameter in a URL.
An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. The attacker can inject arbitrary SQL code into the vulnerable application, allowing them to access, modify, or delete data from the database.
A remote SQL injection vulnerability exists in Php fusion classifieds. An attacker can exploit this vulnerability to inject malicious SQL queries into the application, allowing them to gain access to sensitive information stored in the database. The vulnerability is due to insufficient sanitization of user-supplied input to the 'lid' parameter in the 'classifieds.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL queries to the vulnerable script. This can result in the execution of arbitrary SQL commands in the back-end database.
OTManager CMS suffers from insecure cookie handling, when a admin login is successful the script creates a cookie to show the rest of the admin area the user is already logged in. The bad thing is the cookie doesn't contain any password or anything alike, therefor we can craft a admin cookie and make it look like we are logged in as a legit admin.
A remote SQL injection vulnerability exists in philboard v 1.14. An attacker can exploit this vulnerability to inject arbitrary SQL commands and execute them in the backend database. A remote XSS exploit also exists in philboard v 1.14. An attacker can exploit this vulnerability to inject arbitrary JavaScript code and execute it in the user's browser.
A vulnerability exists in OTManager CMS version 24a Completo, which allows an attacker to perform a Local File Inclusion (LFI) and Cross-Site Scripting (XSS) attack. The vulnerability is due to the application not properly sanitizing user-supplied input to the 'conteudo' parameter in the 'index.php' script. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. This can allow an attacker to execute arbitrary code on the server, steal sensitive information, or perform other malicious actions.
Services By CQR