CMSimple 3.1 is vulnerable to Local File Inclusion and Arbitrary File Upload. An attacker can exploit this vulnerability to gain access to sensitive information and upload malicious files on the server.
Input passed to the 'cid' parameter in the index.php page is not properly verified before being used in an SQL query. This can be exploited through a malicious user's browser to manipulate SQL queries by injecting arbitrary SQL code.
PsychoStats Versions (v2.3, v2.3.1, v2.3.3) are vulnerable to a remote SQL injection vulnerability. Attackers can exploit this vulnerability by sending malicious SQL queries to the vulnerable web application. The vulnerable parameters are ‘id’ in ‘map.php’ and ‘weapon.php’. Attackers can use the ‘union’ operator to retrieve data from the database. The vulnerable tables are ‘psuser’, ‘ps_user’, ‘psadmin’, and ‘pas_admin’. The vulnerable columns are ‘username’, ‘password’, ‘plr’, and ‘name’.
This exploit allows an attacker to upload arbitrary files to the vulnerable server. The vulnerability exists in the upload.php file of the fckeditor directory, which does not properly validate the file type before uploading. This allows an attacker to upload malicious files such as PHP scripts, which can then be used to execute arbitrary code on the server.
This exploit allows an attacker to gain access to the admin panel of the PHP Booking Calendar 10 d application by exploiting a SQL injection vulnerability. The attacker can then use the credentials to access the application and upload malicious files.
Now SMS/MMS Gateway v5.5 is vulnerable to a remote buffer overflow. The exploit was discovered by Heretic2 and published on 14.04.2008. It was tested on Windows 2000 Server and is listed as supported on all Windows versions. The overflow is triggered by sending a long Authentificate request to the server, and the exploit relies on an egghunter.
Sending a long buffer (however, the buffer should be sent in chunks), we obtain SEH exploitation; due to the server's byte restrictions, I decided to use alphanumeric shellcode and jumps here.
A vulnerability in CMS from Scratch version 1.1.3 (image.php) allows an attacker to traverse the local directory structure and access sensitive files. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing directory traversal characters (e.g. '../') to the vulnerable application. This will allow the attacker to access files outside of the web root directory. Additionally, an attacker can upload a malicious PHP file to the web server and execute it.
Mambo Component mambads 1.0 RC1 Beta & 1.0 RC1 is vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability to gain access to the database and execute arbitrary SQL commands. The vulnerability is due to insufficient sanitization of user-supplied input in the 'ma_cat' parameter of the 'index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable script.
PicoflatCMS 0.5.9 is vulnerable to Local File Inclusion and Directory Traversal. An attacker can exploit this vulnerability to gain access to sensitive files on the server, such as boot.ini. This is achieved by sending a specially crafted HTTP request containing directory traversal sequences (e.g. “/./././././././boot.ini”) to the vulnerable application. The vulnerable code is located in the “index.php” file, where the “$pagina” parameter is not properly sanitized before being used in an “include” statement.