Explore Vulnerabilities

Explore all Exploits:

CMS MAXSITE Remote SQL Injection Exploit <= 1.10

The vulnerability exists due to insufficient sanitization of user-supplied input in the 'name' and 'category' parameters of the 'index.php' script. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation allows an attacker to gain access to the vulnerable system.

RoomPHPlanning 1.5 SQL Injection Vulnerabilities

RoomPHPlanning 1.5 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to manipulate SQL queries by injecting arbitrary SQL code. This may allow the attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

plusPHP Multi-User Short URL and Statistics (plus.php) RFI Vulnerability

plusPHP Multi-User Short URL and Statistics (plus.php) is prone to a remote file-inclusion vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary PHP code in the context of the webserver process.

PhpRaider Mod phpbb3 Remote File Include Vulnerability

The vulnerability exists due to insufficient sanitization of user-supplied input passed via the 'pConfig_auth[phpbb_path]' parameter to the '/path/authentication/phpbb3/phpbb3.functions.php' script. A remote attacker can include arbitrary files from remote hosts and execute arbitrary PHP code on the vulnerable system.

RoomPHPlanning v1.5 remote SQL injection exploit

RoomPHPlanning v1.5 is affected by a remote SQL injection vulnerability. An attacker can exploit it by sending a specially crafted HTTP request to the vulnerable script. This can allow the attacker to gain access to sensitive information such as usernames and passwords stored in the database.

DSECRG-08-030

Quate CMS has multiple security vulnerabilities: (1) multiple remote/local file includes, (2) multiple linked XSS vulnerabilities, and (3) directory traversal. A local file include vulnerability was found in the script admin/includes/footer.php. Remote and local file include, multiple linked XSS, and directory traversal vulnerabilities were found in the script admin/includes/header.php.

VLC 0.8.6d Double Sh311 Universal Exploit

VLC 0.8.6d is affected by a vulnerability targeted by the "Double Sh311" universal exploit, which allows an attacker to gain remote code execution on the vulnerable system. The vulnerability was discovered by Michal Luczaj, and the exploit was coded by Muris Kurgas and Matteo Memelli. The exploit uses a win32_bind shellcode.

e107 Plugin BLOG Engine v2.2 (macgurublog.php/uid) Blind SQL Injection Vulnerability

The vulnerability exists in the macgurublog.php file, where the user_id parameter is not properly sanitized before being used in a SQL query. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious SQL statements to the vulnerable application. This can allow an attacker to gain access to sensitive information from the database, such as user credentials.

Recent Exploits: