
Explore Vulnerabilities

Explore all Exploits:

[ONSEC-09-020] Mura CMS root folder disclosure

A number of information disclosure vulnerabilities were found in the Mura CMS content management system. An attacker can learn the version and type of the database driver, the database name, the structure and format of some DBMS tables, column names with their type and size, and information about the web server and the Java virtual machine. The vulnerability exists because of the error message returned when an attempt is made to write values to the database that do not fit the expected format.

Mongoose Web Server <= 2.8.0 Remote Source Disclosure

Mongoose Web Server <= 2.8.0 is a Windows-based HTTP server. This is the latest version of the application available. Mongoose is vulnerable to remote arbitrary source code disclosure by the following means:

http://[ webserver IP][:port]/[ file ][/]

http://172.16.2.101:8080/index.html/

http://172.16.2.101:8080/index.php/

.mpf File Local Stack Overflow Exploit (SEH)

A stack-based buffer overflow vulnerability exists in Millenium MP3 Studio v2.0. An attacker can exploit this vulnerability to execute arbitrary code in the context of the application. The vulnerability is due to a boundary error when handling .mpf files. An attacker can exploit this vulnerability by enticing a user to open a specially crafted .mpf file with the vulnerable application. This will trigger a stack-based buffer overflow and allow the attacker to execute arbitrary code.

.m3u File Local Stack Overflow Universal Exploit (SEH)

A stack-based buffer overflow vulnerability exists in Millenium MP3 Studio v2.0. An attacker can exploit this vulnerability to execute arbitrary code in the context of the application. The vulnerability is due to a boundary error when handling .m3u files. An attacker can exploit this vulnerability by enticing a user to open a specially crafted .m3u file with the vulnerable application.

Joomla Component com_photoblog SQL injection vulnerability – (category)

An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable parameter 'category' in the URL. The malicious query will be executed in the backend database, allowing the attacker to access sensitive information such as usernames and passwords.

Joomla Component com_jshop SQL Injection Vulnerability

A SQL injection vulnerability exists in Joomla Component com_jshop, which allows an attacker to execute arbitrary SQL commands via the 'pid' parameter in an 'index.php' request. An attacker can exploit this vulnerability to gain access to sensitive information in the back-end database, such as usernames and passwords.

Joomla JD-WordPress Vulnerability File Inclusion

A vulnerability in Joomla JD-WordPress allows an attacker to execute arbitrary code on the vulnerable system by including a malicious file via a specially crafted URL. This vulnerability is due to insufficient sanitization of user-supplied input to the 'mosConfig_absolute_path' parameter of the 'wp-feed.php' script. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable system. Successful exploitation of this vulnerability can result in arbitrary code execution in the context of the web server process.

Joomla Component com_ajaxchat Remote File Include vulnerability

A Remote File Include (RFI) vulnerability exists in Joomla Component com_ajaxchat. The vulnerability is due to the 'ajcuser.php' script not properly sanitizing user-supplied input. An attacker can exploit this vulnerability to include arbitrary files from remote hosts and execute arbitrary PHP code on the vulnerable system.

Recent Exploits: