An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database, modify or delete data, or even execute commands on the underlying operating system.
This vulnerability allows an attacker to manipulate the application's SQL queries by injecting arbitrary SQL code. The vulnerability is caused by the 'id' parameter in the 'com_alberghi' component. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application.
An attacker can exploit this vulnerability by crafting a malicious SQL query and sending it to the vulnerable application. This can allow the attacker to gain access to sensitive information such as usernames and passwords stored in the database.
A SQL injection vulnerability exists in Iatek ASPapp links.asp (CatId) which allows an attacker to gain access to the admin login page. The attacker can use the dork 'links.asp?CatId' to find vulnerable websites and then use the exploit www.xxx.com/path/login.asp?ret_page=%2Fzmicer%2Fweb%2Fadmin%2Easp%3Flinks.asp?CatId=-99999%20UNION%20SELECT%20null,accesslevel,null,null,user_name,%205%20,password,null%20FROM%20Users to gain access to the admin login page.
A remote SQL injection vulnerability exists in Easy-Clanpage v2.2 (gallery). An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to sensitive information such as usernames and passwords.
KAPhotoservice is affected by a remote SQL injection vulnerability. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable album.asp page. This can allow the attacker to gain access to the database and execute arbitrary code on the server.
A vulnerability in the Joomla component com_acajoom allows an attacker to inject arbitrary SQL commands. This is done by manipulating the 'mailingid' parameter in a 'view' action to the 'com_acajoom' component. This can be exploited to bypass authentication and gain access to the Joomla backend with administrative privileges.
When a bad command is sent with the Python FTP retrlines() function and a new connection is then created, the server suffers a denial of service.
MG-SOFT Net Inspector is a powerful fault management application with an alarming subsystem that complies with the international alarm reporting recommendations (ITU X.733). The software lets you effectively monitor the status of network devices and manage alarms associated with devices in the supervised TCP/IP network. It is affected by four vulnerabilities: a format string vulnerability in the function that logs client requests to the log file; a classical directory traversal vulnerability that allows an attacker to read any file on the server system; a buffer overflow that can be triggered by sending a long SNMP community string; and a denial of service that can be triggered by sending a long string to port 5227.
Georgi Guninski's old code is still finding new bugs. The code loops the x's on milw0rm to find the bug. The original Firefox vulnerability can be found at http://milw0rm.com/exploits/1233