MyBlog: PHP and MySQL Blog/CMS software is affected by multiple remote vulnerabilities, including SQL Injection and XSS. The SQL Injection vulnerability can be exploited to extract usernames and passwords from the database, while the XSS vulnerability can be exploited to inject malicious code into the application. The exploits require that Magic Quotes be turned off.
MVC-Web CMS versions 1.0 and 1.2 are vulnerable to a remote SQL injection attack. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This request contains malicious SQL statements that are executed in the backend database. This can allow an attacker to gain access to sensitive information such as usernames and passwords stored in the database.
Send a request to http://127.0.0.1/BlogPHPv2/index.php?act=register2 with username=[yourusername]&password=[yourpass]&email=[yourmail]','Admin','','','','','','','','','','','','')/* to exploit the vulnerability.
index.php?go=0'+union+select+passwd+from+user+where+username=[USERNAME]
emuCMS 0.3 is vulnerable to an arbitrary file upload vulnerability. An attacker can exploit this vulnerability to upload malicious files to the server, which can lead to remote code execution. This exploit uses the FCKeditor file manager to upload a malicious file to the server.
An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable application. The request carries a crafted parameter value that is used to include a file from a remote location, and the code in that file is executed on the vulnerable server.
A vulnerability exists in PageSquid CMS 0.3 Beta, where an attacker can inject arbitrary SQL commands via the 'page' parameter in the index.php page. Magic Quotes must be turned off for the exploit to work. An example of the exploit is http://192.168.24.25/pagesquid/index.php?page=3'/**/AND/**/1=2/**/UNION/**/SELECT/**/1,Password,3,4/**/FROM/**/mysql.user/**/WHERE/**/User='root
This exploit abuses a blind SQL injection vulnerability in IGSuite 3.2.4 to upload a reverse shell. The exploit requires the user to have access to the igsuited daemon, which is not enabled by default. The exploit was tested on IGSuite 3.2.4 on Linux with MySQL and requires nc to be in the path.
A vulnerability exists in CMS Mini 0.2.2 which allows an attacker to include a local file by manipulating the 'path' parameter in the 'view/index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing directory traversal characters (e.g. '../') to the vulnerable script. This will allow the attacker to include a local file, such as the 'boot.ini' file in Windows or the '/etc/passwd' file in Linux.
sHibby sHop v2.2 is prone to a remote SQL injection vulnerability and a direct access vulnerability. An attacker can exploit these issues to manipulate SQL queries, access sensitive information, and gain access to the underlying file system.