Explore Vulnerabilities

Explore all Exploits:

JShop 1.x-2.x local file include

JShop Server 1.x-2.x is vulnerable to Local File Inclusion. An attacker can exploit this vulnerability by sending a crafted HTTP request containing directory traversal characters to the vulnerable server. This can allow the attacker to read sensitive files on the server, such as /etc/passwd. An attacker can also upload a malicious file, such as a GIF file containing PHP code, to the vulnerable server. This can allow the attacker to execute arbitrary code on the server. A Perl script can be used to parse the output of the error log and print the results.

KISGB (Keep It Simple Guest Book) : Local FiLe Include’s (tmp_theme)

KISGB (Keep It Simple Guest Book) is vulnerable to Local File Inclusion. The vulnerability exists due to insufficient sanitization of user-supplied input to the 'tmp_theme' parameter in the 'view_private.php' script. An attacker can exploit it by sending a specially crafted HTTP request to the vulnerable script, causing a file from the local system to be included, which may lead to information disclosure.

mxBB Module mx_blogs 2.0.0-beta Remote File Include Exploit

This exploit allows an attacker to inject malicious code into a vulnerable web application. The vulnerability exists in the mx_blogs module of mxBB, which is vulnerable to a remote file include attack. The attacker injects the code by sending a specially crafted HTTP request to the application.

Runs calc.exe on Office XP SP3 with updates < 03/11/08

This exploit allows a remote attacker to execute arbitrary code on a vulnerable system. It is triggered by sending a specially crafted packet to the target system. The exploit takes advantage of a vulnerability in Microsoft Office XP SP3 with updates prior to 03/11/08. The vulnerability is caused by a boundary error when processing certain packets, which can be exploited to cause a stack-based buffer overflow.

AuraCMS 2.x (user.php) – Security Code Bypass & Add Administrator Exploit

AuraCMS 2.x is vulnerable to a security code bypass that can be used to add an administrator account. The vulnerability exists due to insufficient validation of user input in the 'user.php' file in the '/content' directory. The application fails to properly validate the username, password, email, and code fields, allowing an attacker to bypass the security code and add an administrator account.

Joomla Component MyAlbum SQL Injection Vulnerability

An attacker can exploit this vulnerability by sending a specially crafted SQL query to the vulnerable application. An example of such a query is http://[target]/index.php?option=com_myalbum&album=[SQL], where [SQL] is the malicious SQL query. For example, http://www.akparti.org.tr/disiliskiler/index.php?option=com_myalbum&album=-1+union+select+0,concat(username,char(32),password),2,3,4%20from%20jos_users/*.

Recent Exploits: