header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

phpBB Module XS 2.3.1 Local File Inclusion Exploit

This exploit allows an attacker to include a file from the local file system of the web server. The vulnerability is due to the use of user-supplied input without proper validation. A remote attacker can exploit this vulnerability to include a file from the local file system of the web server and execute arbitrary code on the vulnerable system.

Joomla Component com_cinema SQL Injection

The vulnerability exists due to insufficient filtration of user-supplied data passed to the 'id' parameter in 'index.php' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in application's database. This can be exploited to bypass authentication and gain access to the application with administrative privileges.

D3000

An attacker can exploit a SQL injection vulnerability in the Download 3000 component for Joomla! to execute arbitrary SQL commands. The vulnerability is due to insufficient sanitization of user-supplied input to the 'id' parameter of the 'index.php' script when 'task' is set to 'showarticles'. An attacker can exploit this vulnerability to execute arbitrary SQL commands in the context of the affected application. This may allow the attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.

Joomla component rekry!Joom (op_id) <=1.0.0 SQL injectIon.

A SQL injection vulnerability exists in Joomla component rekry!Joom (op_id) version 1.0.0 and below. An attacker can send a specially crafted HTTP request containing malicious SQL statements to the vulnerable application. This can allow the attacker to gain access to the database and execute arbitrary queries.

PHP-Nuke Platinum , Forums(Standart) – magic_quotes_gpc = OFF , SQL Injection

The file includes/dynamic_titles.php is vulnerable to SQL Injection - lines: 44 - 427. If the file maintenance/index.php is on the server, magic_quotes_gpc can be turned off. This allows for the bypassing of the SQL Injection protection and file write is possible.

Recent Exploits: