The vulnerability exists due to insufficient filtration of user-supplied data passed to the 'id' parameter in 'index.php' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in application's database, cause denial of service, access or modify sensitive data, exploit latent vulnerabilities in the underlying database and compromise the system.
SmartVmd ActiveX V 1.1 is vulnerable to a remote file deletion exploit. The StartVideoSaving() insecure method allows attackers to delete files in the victim's PC. The exploit code is written in JavaScript and can be triggered by clicking on a button.
This exploit allows an attacker to overwrite a file on the target system. The exploit uses the SaveMaskToFile method of the SmartVmd ActiveX control (clsid:{E3462D53-47A6-11D8-8EF6-DAE89272743C}) to overwrite the file. The exploit is triggered by clicking on a malicious button.
This exploit is a blind SQL injection vulnerability in the Joomla com_pccookbook component. It allows an attacker to extract the password of a user from the Joomla database. The exploit uses a brute-force attack to guess the password character by character.
The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error.
This exploit allows an attacker to execute arbitrary commands on a vulnerable Fhimage 1.2.1 web application. The exploit works only when register_globals and magic_quotes_gpc are both set to On. The exploit injects malicious code into the configuration file of the application and then executes the code via a GET request.
This exploit allows an attacker to change the content of the index.php file of Fhimage 1.2.1, a web-based image gallery. The exploit works by sending a POST request to the imgconfig/index.php?mode=write file with the string to inject as a parameter.
ESPG (Enhanced Simple PHP Gallery) 1.72 is vulnerable to a file disclosure vulnerability. This vulnerability is due to an input validation error when handling user-supplied input. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request containing directory traversal characters to the vulnerable application. This can allow the attacker to view arbitrary files on the system, potentially resulting in the disclosure of sensitive information.
This exploit allows an attacker to bypass authentication by entering ' or ' 1=1 as the username and password.
DS-IPN Paypal Shop is prone to a remote database disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. This issue affects the 'Database/Sales.mdb' file.
Services By CQR