A Directory Traversal vulnerability was discovered in Joomla Component Cmimarketplace. An attacker can exploit this vulnerability to gain access to sensitive files and directories stored on the server. The vulnerability exists due to insufficient sanitization of user-supplied input to the 'viewit' parameter in the 'index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing directory traversal sequences (e.g. '/../../') to the vulnerable script. Successful exploitation of this vulnerability may result in unauthorized access to sensitive files and directories stored on the server.
An attacker can exploit this vulnerability by sending a crafted URL to the vulnerable application. The crafted URL contains malicious SQL code in the ‘article’ parameter of the ‘com_mailto’ component. This code is executed in the backend database, allowing the attacker to access or modify the data in the database.
An attacker can exploit this vulnerability by sending a crafted SQL query to the vulnerable parameter 'category' in the 'index.php' script. This can allow the attacker to view sensitive information from the database such as usernames and passwords.
It's possible for remote attackers to upload arbitrary files by using FCKEditor after login to admin area.
This vulnerability affects all Drake CMS >= 0.4.6 and Lanius CMS <= 0.5.2 r1050. It is possible to inject a null char to bypass the extension's check by passing a filename e.g. test.php%00.jpg. This function returns 'jpg', but the file will be saved as test.php by move_uploadad_file() function.
Family Connections version 1.8.2 and below is vulnerable to Blind SQL Injection. An attacker can exploit this vulnerability by setting a malicious cookie with the name 'fcms_login_id', 'fcms_login_uname' and 'fcms_login_pw' containing a malicious SQL query. This malicious SQL query is then used in the 'isLoggedIn' function in the 'util_inc.php' file to bypass the authentication system.
This code can predict the WPA2-PSK key for Pirelli Discus DRG A225 WiFi router by entering the last 6 characters of the SSID. The SSID should be 'Discus--XXXXXX', where XXXXXX is the last 6 characters.
A code manipulation vulnerability exists in the XSLT.XSL and XMLCrash.XML code. An attacker can manipulate the code to change the EAX value from 00000000 to 00000031 or 017ED9A0, which can lead to a crash.
A vulnerability exists in FlexCMS Calendar(ItemId) which allows an attacker to inject malicious SQL queries into the application. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. An attacker can exploit this vulnerability to gain access to the application and its data.
A buffer overflow vulnerability exists in Xbmc get request remote due to improper bounds checking which could allow an attacker to execute arbitrary code on the target system. This vulnerability affects all versions of Xbmc. An attacker can exploit this vulnerability by sending a specially crafted request to the vulnerable system. Successful exploitation of this vulnerability could result in arbitrary code execution on the target system.
Services By CQR