header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Photokorn Gallery Remote SQL Injection

Photokorn Gallery is prone to a remote SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to manipulate SQL queries by injecting arbitrary SQL code. This may allow the attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

All Club CMS <= 0.0.1f index.php Remote SQL Injection Vulnerability

Stripslashes function only deletes backslashes () and the backslashes doubles (\) becomes simple (). Exploit: http://[host]/accms_path/index.php?name=-1'/**/union/**/select/**/1,concat(account,0x3a,password,0x3a,email),3,4,5,6,7,8,9,1,1,1,1/**/from/**/accms_users/**/where/**/id=1/*

NERO Media Player <= 1.4.0.35b Remote Buffer Overflow( .M3U)

A maliciously crafted .M3U file can be used to cause a buffer overflow in Nero Media Player version 1.4.0.35b and earlier. The overflow occurs when the application attempts to read a URL from the file, which is longer than expected. This can be exploited to execute arbitrary code by tricking a user into opening a specially crafted .M3U file.

File Inclusion

All Club CMS 0.0.1f and maybe prior versions are vulnerable to File Inclusion vulnerability. The vulnerable code is a function __autoload which requires a file from the includes directory. The exploit is to send a malicious request to the server with the class_name parameter set to [LFI]%00. The server should have Register Globals and Magic_quotes_gpc set to On and Off respectively.

DSECRG-08-010

VHD Web Pack 2.0 system has Local file Include security vulnerability. Attacker can inject PHP code and execute OS commands with webserver user privileges. Vulnerable script /vhdwebpack/index.php vulnerable parameter 'page'. Example: http://[server]/vhdwebpack/index.php?page=/../../../../../../../../boot.ini

Joomla SQL Injection (com_shambo2)

An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable application. The crafted request contains a malicious SQL query in the ‘Itemid’ parameter of the ‘index.php’ script. The malicious query is designed to extract sensitive information from the database, such as usernames and passwords.

iTechBids v3 Gold Remote SQL injection

A vulnerability exists in iTechBids v3 Gold, which can be exploited by malicious people to conduct SQL injection attacks. The vulnerability is caused due to the bidhistory.php script not properly sanitizing user-supplied input to the 'item_id' parameter. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation may allow execution of arbitrary SQL commands in the context of the webserver process. The vulnerability is confirmed in version 3.0. Other versions may also be affected.

Recent Exploits: