Total Video Player V1.31 is vulnerable to a local stack overflow. An attacker can exploit this vulnerability by sending a specially crafted malicious file to the victim. This causes a buffer overflow and allows the attacker to execute arbitrary code on the victim's system.
Dodo's Quiz Script is prone to a local file inclusion vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to view sensitive files on the affected computer; this may aid in further attacks.
This exploit allows an attacker to execute arbitrary commands on the vulnerable system. The exploit works by creating a new language file with malicious code and then editing it to execute the code. The exploit was tested on a local system with magic quotes set to off.
AJAuctionPro OOPD v2.3 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Max.Blog 1.0.6 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to manipulate SQL queries in the back-end database, allowing the attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
This exploit is used to gain access to the username and password of a Joomla website using the com_waticketsystem component. The exploit uses a blind SQL injection technique to extract the username and password from the database. The exploit is executed by passing the URL of the website as an argument to the exploit script.
Due to insufficient validation of client-side data, an attacker can inject script directly into the code displayed as an advertisement to users. When making a new advertisement (or editing an old one), an attacker can fill the Ad Name field with malicious code and submit the form as usual. Whenever that particular ad is viewed, the script is executed.
Due to insufficient validation of client-side data, an attacker can alter the path of files to be read to a file outside the intended directory. The following PoC will read a file named 'test.txt' one level above the application folder.
RCBlog 1.03 is vulnerable to an authentication bypass. By default, the application provides public access to the text file that stores the MD5 hashes of the username and password, which can be found at http://www.example.com/rcblog/config/password.txt. By combining the hashes into one large string and placing it in an “rcb_id” cookie in the following order: Directory -> IP Address -> Username -> Password, an attacker can gain administrative privileges.
Gallery Kys 1.0 is vulnerable to admin password disclosure and permanent XSS. The admin password is stored in plaintext in the config.inc file, which can be accessed directly. Additionally, the uploadform.php file does not properly filter user input, allowing an attacker to inject malicious JavaScript code into the description field.