The Battle Blog script is vulnerable to SQL injection. Attackers can exploit this vulnerability by sending malicious SQL queries to the vulnerable parameter 'entry' in the 'comment.asp' page. For MS SQL Server, the payload 22+and+1=convert(int,(select+@@version))-- can be used. For Ms ACCESS, the payload IIF((select%20mid(last(Name),1,1)%20from%20(select%20top%2010%20Namee%20from%20MSysObjects))='a',0,'done')%00 can be used.
A vulnerability in the Joomla component com_idoblog allows remote attackers to execute arbitrary SQL commands via the userid parameter in a userblog action to index.php.
A remote SQL injection vulnerability exists in Joomla Component joomradio. An attacker can exploit this vulnerability to inject malicious SQL queries in the application, allowing them to gain access to sensitive information stored in the database. The vulnerability is due to insufficient sanitization of user-supplied input in the 'id' parameter of the 'index.php' script. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable script. Successful exploitation of this vulnerability can result in unauthorized access to sensitive information stored in the database.
FlashBlog beta0.31 is vulnerable to a remote file upload vulnerability. An attacker can upload a malicious file to the server, which can be used to execute arbitrary code on the server.
A buffer overflow vulnerability exists in MDaemon versions prior to v9.6.5. An attacker can send a malicious message with a subject composed of 8194 A characters to a user or postmaster, and if the user clicks 'answer' to the message, the EIP gets owned. The CC & From field is also vulnerable. Additionally, a full control over EDX can be achieved without any authentication.
SMEweb 1.4b is vulnerable to SQL Injection and XSS. The SQL Injection vulnerability exists in the catalog.php file, where user-supplied input is not properly sanitized before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The XSS vulnerability exists in multiple files, including catalog.php, search.php, bb.php, and order.php. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
pLog is vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to the application's database and potentially gain access to sensitive information.
A vulnerability in Joomla Component equotes allows an attacker to inject arbitrary SQL commands via the 'id' parameter in a 'index.php' script. An attacker can exploit this vulnerability to gain access to the database and execute arbitrary SQL commands.
Booby 1.0.1 is vulnerable to Local File Include (LFI) and Remote File Include (RFI) attacks. An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable application. The vulnerable parameter is ‘renderer’ in the ‘template.tpl.php’ file. An attacker can use this vulnerability to read sensitive files from the server or execute malicious code on the server.
This exploit is a blind SQL injection vulnerability in the Joomla Component acctexp. It allows an attacker to extract the MD5 hash of the password of a given userid and gid. The exploit works by making a series of requests to the vulnerable application, each time changing the value of a single character in the password. If the response of the application changes, then the character is correct. This process is repeated until the entire password is extracted.
Services By CQR