Explore all Exploits:

BibCiter 1.4 Multiple SQL Injection Vulnerability

BibCiter 1.4 is vulnerable to multiple SQL injection vulnerabilities due to improper sanitization of user-supplied input. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database, such as usernames and passwords, or to modify the contents of the database.

MPlayer 1.0rc2 TwinVQ Stack Buffer Overflow PoC

MPlayer 1.0rc2 is vulnerable to a stack buffer overflow when processing a specially crafted TwinVQ (.vqf) file. The vulnerability is caused by a boundary error when copying data from the TwinVQ file into a fixed-length buffer on the stack: a file with an overly long header field overflows the buffer, which an attacker can exploit to execute arbitrary code on the vulnerable system.

AJClassifieds Merchandise RFu

AJClassifieds Merchandise is prone to a remote file-upload vulnerability because it fails to adequately sanitize user-supplied input. An attacker can exploit this issue to upload arbitrary code and execute it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.

AJClassifieds Personals RFu

AJClassifieds Personals is prone to a remote file-upload vulnerability because it fails to adequately sanitize user-supplied input. An attacker can exploit this issue to upload arbitrary code and execute it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.

AJClassifieds Realestate RFu

AJClassifieds Realestate is prone to a remote file-upload vulnerability because it fails to adequately sanitize user-supplied input. An attacker can exploit this issue to upload arbitrary code and execute it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.

BlogIt! Vulnerabilities

The BlogIt! application is vulnerable to SQL injection, directory traversal and XSS attacks. An attacker can exploit the SQL injection vulnerability by sending malicious SQL queries to the vulnerable parameter 'day' in the 'index.asp' page. The directory traversal vulnerability can be exploited by accessing the 'Blog.mdb' file in the 'database' directory. The XSS vulnerability can be exploited by sending malicious JavaScript code to the 'view' parameter in the 'index.asp' page.

RankEm

The vulnerability is a combination of DD, XSS and CM. DD is a vulnerability that allows an attacker to download the database file topsites.mdb from the path /database/. XSS is a vulnerability that allows an attacker to inject malicious JavaScript code into the siteID parameter of the rankup.asp page. CM is a vulnerability that allows an attacker to inject malicious meta tags into the siteID parameter of the rankup.asp page.

MetaProducts MetaTreeX V 1.5.100 Remote File Overwrite Exploit

This exploit allows an attacker to overwrite a file on the target system. The vulnerability exists in the SaveToBMP() function of the MetaTreeX ActiveX control, which is identified by the CLSID {67E66985-F81A-11D6-BC0F-F7B40157DC26}. The SaveToBMP() function allows an attacker to specify a file path, which can be used to overwrite an existing file on the target system.
