LinPHA <= 1.3.3 is vulnerable to remote command execution due to an LFI found by rgod in /plugins/maps/map.main.class.php. An attacker can modify the 'maps_type' config value through another script and include an arbitrary local file through the require_once() at line 24. The attacker can then include a ChangeLog file containing malicious code to execute arbitrary commands.
Drake CMS version 0.4.11 is vulnerable to blind SQL injection due to insufficient sanitization of user-supplied input in the 'gb_name' and 'gb_email' parameters of the 'guestbook.php' script. An attacker can inject arbitrary SQL code through the 'HTTP_VIA' header, resulting in a blind SQL injection at line 29 of the 'guestbook.php' script.
Prozilla freelancers is vulnerable due to an insecure MySQL query. This allows a remote attacker to pull admin/user credentials from the database and possibly gain shell access.
Prozilla cheat script is vulnerable due to insecure MySQL queries. The SQL injection found below will attempt to load the /etc/passwd file on most Linux servers. The MySQL user running the script must have permission to use MySQL's load_file().
Prozilla TopSites is vulnerable due to bad session handling. Multiple admin area files do not validate the user who is viewing them, making them viewable to anyone, even unregistered people. An attacker can exploit this vulnerability to gain access to the admin area and edit/add users.
Prozilla Reviews script suffers from bad session handling, and some crucial parts of the admin area do not check whether the user is an admin. The below URL will delete a user from the database: http://site.com/siteadmin/DeleteUser.php?UserID=[uid], where [uid] should be replaced with an actual user ID. A script can also be coded to delete all users.
This exploit targets Apache Tomcat Connector jk2-2.0.2 (mod_jk2) on Fedora Core 6, 7, 8 (exec-shield) based systems. It allows an attacker to gain remote access to the target system by sending a specially crafted request to the vulnerable server. The exploit is available in the form of a tarball containing a C source code file.
Prozilla Forum Service is vulnerable due to an insecure MySQL query. This allows a remote attacker to pull user credentials from the database, possibly load a shell using OUTFILE, and even read local files using load_file().
Prozilla Top 100 1.2 is vulnerable due to very poor validation of its $_GET URLs. This allows a remote attacker to delete the stats of a user of their choice, thereby pushing whichever site they want to the top of the list.
The vulnerability exists due to insufficient filtration of user-supplied data passed to the 'id' parameter in the 'index.php' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in the application's database. This can be exploited to bypass authentication and gain access to the administrative panel.