Explore all Exploits:

PHPRESIDENCE 0.7.2 Remote Sql Injection

A vulnerability exists in PHPRESIDENCE 0.7.2 which allows an attacker to inject malicious SQL queries via the 'id_sessione' parameter in the 'visualizza_tabelle.php' script. By sending a specially crafted request, an attacker can execute arbitrary SQL commands on the underlying database server.

MiniWeb Multiple Vulnerabilities

An input validation error in URL request handling in the mwGetLocalFileName() function (http.c) can be exploited to disclose arbitrary files (and directory listings) outside the web root via directory traversal attacks using the "/.%2e/" or "/%2e%2e/" sequences. There is also a heap-based buffer overflow in this web server. The vulnerability is caused by a boundary error in the _mwProcessReadSocket() function (http.c) when handling HTTP requests. This can be exploited by sending an overly long, specially crafted request, which can cause a heap overflow and allow arbitrary code execution with the privileges of the web service.

ALITALK v 1.9.1.1 Multiple Vulnerabilities

An SQL injection vulnerability exists in the inc/receivertwo.php file due to improper sanitization of user-supplied input. An attacker can exploit this vulnerability by sending a crafted HTTP request with a malicious payload to the vulnerable file. This can allow the attacker to gain access to the database and execute arbitrary SQL queries. A password change bypass vulnerability exists in the functionz/usercp.php file due to improper sanitization of user-supplied input. An attacker can exploit this vulnerability by sending a crafted HTTP request with a malicious payload to the vulnerable file. This can allow the attacker to bypass the password change process and gain access to the user account.

AfterLogic WebMail Pro .NET Remote File Disclosure Vulnerability

AfterLogic WebMail Pro .NET is prone to a remote file-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to view sensitive files on the affected computer, potentially resulting in further attacks.

DSECRG-08-002

Aria has a local file inclusion vulnerability in the page arias/help/effect.php. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request containing a specially crafted URL to the vulnerable server. The URL contains the page parameter with the value of the file to be included.

DSECRG-08-003

The Blogcms system has multiple security vulnerabilities: 1. Multiple SQL injections, 2. Multiple linked XSS, 3. Multiple linked SiXSS. An attacker can inject SQL code in index.php via the 'blogid' parameter and in the module /blogcms/action.php via the POST parameter 'user'. A linked XSS vulnerability was found in /photo/admin.php and /photo/index.php, where an attacker can inject an XSS script in the URL. A linked SiXSS vulnerability was found in /photo/admin.php and /photo/index.php, where an attacker can inject an XSS script in the URL.

FaScript FaPersianHack v1 Remote Sql Injection

A vulnerability exists in FaScript FaPersianHack v1 which allows an attacker to inject arbitrary SQL commands via the 'id' parameter in 'show.php'. This can be exploited to gain access to the admin username and password stored in './admin/pconfig.php' by using the 'load_file' function in MySQL.

FaScript FaPersian Petition Remote Sql Injection

A vulnerability exists in FaScript FaPersian Petition which allows an attacker to inject arbitrary SQL commands via the 'id' parameter in the 'show.php' script. An attacker can exploit this vulnerability to gain access to the database and extract sensitive information such as usernames and passwords.

FaScript FaName v1 Remote Sql Injection

A vulnerability exists in FaScript FaName v1 which allows an attacker to remotely inject arbitrary SQL commands. The vulnerability is due to the 'id' parameter in 'page.php' not properly sanitizing user-supplied input. An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable script. This can allow the attacker to gain access to the administrator's username and password, which are stored in the './admin/pconfig.php' file.

FaScript FaMp3 v1 Remote Sql Injection

A vulnerability exists in FaScript FaMp3 v1, which allows an attacker to inject arbitrary SQL commands. The vulnerability is due to insufficient sanitization of user-supplied input in the 'id' parameter of the 'show.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL commands. This can allow the attacker to gain access to the admin username and password stored in the 'pconfig.php' file.

Recent Exploits: