SMF Destroyer 0.1 is a Perl script which can be used to exploit multiple vulnerabilities in Simple Machines Forum (SMF). Its functions include cracking password-recovery links, finding temporary files executed by mods, DB function flooding via the error log, file path disclosure, listing installed mods (useful for finding vulnerable mods), etc.
A vulnerability exists in Joomla Component Portfol version 1.2, which allows an attacker to inject arbitrary SQL commands. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code in the 'vcatid' parameter in a 'viewcategory' action to the 'index.php' script. Successful exploitation may allow an attacker to gain access to the database and compromise the application and the underlying system.
The script includes a file named by a variable taken from GET: $language. Filter $language before the include, or just set its value to a local file.
Due to insufficient validation of client-side data, an attacker can alter the path of the file to be deleted so that it points to a file outside the intended directory. The following PoC will delete a file named 'secret.txt' one level above the application folder. You must have already uploaded a file, or you can visit APPLICATIONFOLDER/upload_log.txt (on a default installation) to ascertain the names of existing files.
A vulnerability exists in fttss version 2.0 and prior which allows remote attackers to execute arbitrary commands. This is due to a lack of sanitization of user-supplied input to the 'voz' parameter in the 'TFLivre.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP POST request containing malicious commands to the vulnerable script. This will allow the attacker to execute arbitrary commands on the vulnerable system.
A vulnerability in Social Network Script allows an attacker to inject arbitrary SQL commands. This vulnerability is due to an error in the "index.php" script when handling the "id" parameter. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application, injecting arbitrary SQL code in the vulnerable parameter 'comment_id' of the 'callcomments.php' script to manipulate SQL queries. This can be exploited to disclose the content of the database, modify data, delete data, or exploit further vulnerabilities.
The vulnerability exists due to insufficient sanitization of user-supplied input in the 'administrators_username' and 'administrators_pass' parameters of the 'admin-login.php' script. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation may allow an attacker to gain access to the administrator's account.
This exploit is a continuation of the new method, shellhunting. It is a universal exploit that runs on every system, is very stable, and will allow any shellcode (bind/reverse shell, dl/exec). It will work on ALL Windows NT versions (2k, XP, Vista). The exploit uses a certain address in memory to store a variable for the search and searches through 32 bytes at a time.
A vulnerability in BKWorks ProPHP 0.50 Beta 1 allows an attacker to bypass authentication by entering 'admin' as the username and '1=1' as the password.