HIS-Webshop is a shopping-system written in Perl by www.shoppark.de. The script doesn't check the 't'-parameter, which can be used to traverse directories. An example of this exploit is http://server.com/cgi-bin/his-webshop.pl?t=../../../../../../../../etc/passwd%00
Local File Include vulnerability found in script pb_inc/admincenter/index.php Non-authentication user can directly access to this script. To exploit this vulnerability REGISTER_GLOBALS option must be ON in php config file.
This exploit allows an attacker to include a file from the local file system of the web server. The vulnerability is due to the use of user-supplied input without proper validation. A remote attacker can exploit this vulnerability to include a file from the local file system of the web server and execute arbitrary code on the vulnerable system.
The vulnerability exists due to insufficient filtration of user-supplied data passed to the 'id' parameter in 'index.php' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in application's database. This can be exploited to bypass authentication and gain access to the application with administrative privileges.
An attacker can exploit a SQL injection vulnerability in the Download 3000 component for Joomla! to execute arbitrary SQL commands. The vulnerability is due to insufficient sanitization of user-supplied input to the 'id' parameter of the 'index.php' script when 'task' is set to 'showarticles'. An attacker can exploit this vulnerability to execute arbitrary SQL commands in the context of the affected application. This may allow the attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
A SQL injection vulnerability exists in Joomla component rekry!Joom (op_id) version 1.0.0 and below. An attacker can send a specially crafted HTTP request containing malicious SQL statements to the vulnerable application. This can allow the attacker to gain access to the database and execute arbitrary queries.
A vulnerability in Cuteflow Bin v1.5.0 allows an attacker to include a local file via the 'language' parameter in the 'login.php' script.
The file includes/dynamic_titles.php is vulnerable to SQL Injection - lines: 44 - 427. If the file maintenance/index.php is on the server, magic_quotes_gpc can be turned off. This allows for the bypassing of the SQL Injection protection and file write is possible.
A remote file inclusion vulnerability exists in Joomla Component custompages version 1.0 and below. An attacker can exploit this vulnerability to include a remote file containing malicious code, resulting in arbitrary code execution on the vulnerable system.
XLPortal is vulnerable to a remote SQL injection vulnerability in the search feature. An attacker can exploit this vulnerability to gain access to the database and extract sensitive information such as usernames and passwords.