Explore Vulnerabilities

Explore all Exploits:

BlueBird Pre-Release Auth Bypass

BlueBird Pre-Release contains a vulnerability that can be exploited to bypass certain security restrictions. The application does not properly sanitize user-supplied input passed to the 'username' parameter of the 'login.php' script. This can be exploited to bypass authentication by entering ' or '1=1' as the username.

MyNews 0_10 Auth Bypass

MyNews 0_10 is affected by an authentication bypass caused by insufficient input validation. An attacker can exploit it by sending a specially crafted HTTP request containing the ' or '1=1' payload to the vulnerable application. This bypasses the authentication process and gives the attacker access to the application.

AuthPhp 1.0 Auth Bypass

AuthPhp 1.0 is affected by an authentication bypass caused by improper input validation. An attacker can exploit it by sending a specially crafted HTTP request containing the ' or '1=1' payload to the login.php page. This bypasses the authentication process and gives the attacker access to the application.

Q-News RCE Exploit

This exploit targets the q-news 2.0 software. It abuses a remote command execution vulnerability that allows an attacker to execute arbitrary commands on the vulnerable system. The exploit uses a malicious URL to inject code into the settings.php file, which is then used to execute arbitrary commands on the vulnerable system.

Papoo CMS 3.6 Local File Inclusion

Papoo CMS 3.6 is vulnerable to Local File Inclusion. The 'pfadhier' parameter in the 'message_class.php' script is not properly sanitized before being used to include files, so an attacker can include arbitrary files from local resources. This can be exploited to view sensitive files on the server or to execute arbitrary code.

Gaeste 1.6 (gastbuch.php) Remote File Disclosure Vulnerability

Gaeste 1.6 is affected by a remote file disclosure vulnerability caused by insufficient sanitization of user-supplied input to the 'start' parameter in 'gastbuch.php'. An attacker can exploit this vulnerability to disclose sensitive information from arbitrary files on the vulnerable system.

Authentication Failure scenario in TightVNC Exploit

This exploit is a modified version of Andres Lopez Luksenberg's exploit for the Authentication Failure scenario in TightVNC. It creates a socket connection and sends an RFB 003.008 message to the client. It then sends a series of messages to the client, including a string of 10000 'A's, which causes the server to crash. This exploit is related to BID 33569 and CVE-2009-0388.

Recent Exploits: