The vulnerability exists due to insufficient sanitization of user-supplied input passed via the 'cid' parameter to 'viewcat.php' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in application's database. Successful exploitation of this vulnerability may allow an attacker to gain access to sensitive information, modify data, or exploit vulnerabilities in the underlying database implementation.
kb.php?mode=article&k=-1+union+select+1,1,concat(user_id,char(58),username,char(58),user_password),4,5,6,7,8,9,10,11,12,13+from+phpbb_users+where+user_id+=2&page_num=2&cat=1
A SQL injection vulnerability exists in XOOPS Module My_eGallery 3.04. An attacker can exploit this vulnerability to gain access to the database and extract sensitive information such as usernames and passwords. The vulnerability is due to insufficient sanitization of user-supplied input to the 'gid' parameter in the 'index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable script. Successful exploitation of this vulnerability can result in unauthorized access to the database.
XOOPS Module Gallery 0.2.2 is vulnerable to SQL injection. An attacker can exploit this vulnerability to gain access to the database and extract sensitive information such as usernames and passwords. The exploit is triggered by sending a specially crafted HTTP request to the vulnerable application. The request contains a malicious SQL statement that is executed by the backend database.
This exploit is used to gain access to the passwords of users stored in the qtiuser table of the QuickTalk Forum version 1.6 and below. The exploit uses a blind SQL injection vulnerability in the qtf_ind_search_ov.php file to extract the passwords in MD5 format.
Danneo CMS version 0.5.1 and below are vulnerable to a Remote Blind SQL Injection vulnerability. This exploit requires the “Referers statistics” option to be turned on. The exploit uses a query pattern and a verbose pattern to test the delay and extract the password. The query pattern is “-99' OR IF(%s,BENCHMARK(%d,MD5(31337)),1)/*” and the verbose pattern is “%-12s %2d: %s”. The exploit uses a loop count of 300000 and a user id of 1 by default.
This PoC allows a remote attacker to upload a file to an arbitrary location on the victim's machine and forge peer information on the log lines of the victim's application.
An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable application. The attacker can inject arbitrary SQL code in the 'id' parameter of the 'index.php' script. This can be exploited to disclose the application's database content.
A vulnerability exists in the FileBase MOD for phpBB, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the 'id' parameter in 'filebase.php' isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation may allow execution of arbitrary SQL commands.
A buffer overflow vulnerability exists in MailEnable SMTP Service when handling VRFY/EXPN commands. An attacker can send a specially crafted request containing an overly long string to the affected service, resulting in a denial of service condition.
Services By CQR