A remote SQL injection vulnerability exists in the CAFE ENGINE web application. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable application. This can allow the attacker to gain access to sensitive information from the database, such as usernames and passwords.
The vulnerable code in admin.php creates a backup of the maillist.php file using the date() function. This allows an attacker to guess the database backup if they know when it was created. The vulnerable code in send.php allows for local file inclusion, which can be exploited by appending %00 to the end of the URL.
ZeroBoard4 (VERSION pl8 (07.12.17)) is most famous and widely used bulletin board system of Korea. It is freely available for all platforms that supports PHP and MySQL. There are Remote File Inclusion(?), Local File Inclusion, Blind sql injection vulnerability XSS, and Secret post view Vulnerability. Attacker can control all post in same board and view all secret post in same board.
WikkiTikkiTavi is vulnerable to a remote file upload vulnerability. An attacker can upload a malicious file to the server without authentication. This can be exploited to execute arbitrary code on the server.
This exploit allows an attacker to inject malicious JavaScript code into the 'Miasto' field of the txtBB <= 1.0 RC3 application. When an admin enters the attacker's account, the malicious code is executed and the attacker's user is granted admin rights.
A vulnerability in ClearBudget v0.6.1 allows an attacker to download the database file budget.sqlite from the server. This can be done by accessing the URL http://site.il/db/budget.sqlite. The demo URL for this vulnerability is http://clearbudget.douteaud.com/demo/0-6-1//db/budget.sqlite.
dBpowerAMP Audio Player local buffer overflow exploit. This exploit was tested on Windows XP SP2 and Windows XP SP1. It allows an attacker to execute arbitrary code on the vulnerable system by creating a malicious .pls file and opening it with dBpowerAMP. The exploit can be used to execute calc.exe or bindshell LPORT=7777.
The vulnerability allows an attacker to read remote data, include local files, and execute remote XSS. The exploit can be triggered by sending a crafted HTTP request to the vulnerable server. The exploit is available at http://www.bookelves.com/kipper/files/kipper20.zip.
ClearBudget v0.6.1 is vulnerable to insecure cookie handling and local file inclusion. An attacker can exploit this vulnerability by setting a malicious cookie and including local files. The PoC for insecure cookie handling is javascript:document.cookie = "user=true; path=/" and the PoC for local file inclusion is http://127.0.0.1/path/index.php?action=../../../../boot.ini%00 and http://127.0.0.1/path/index.php?action=../db/budget.sqlite%00.
GR Note v0.94 beta is vulnerable to remote database disclosure. An attacker can exploit this vulnerability to gain access to the database and view sensitive information.
Services By CQR