FileNice file browser is vulnerable to RFI and LFI attacks. The index.php file contains a security check for directory traversal, however, there is no check for RFI. An attacker can exploit this vulnerability by sending a malicious URL to the vulnerable application. This URL can contain a remote shell or a local file inclusion payload which can be used to gain access to the system.
A buffer overflow vulnerability exists in SimplePlayer v0.2 when a specially crafted .wav file is opened. This can be exploited to cause a denial of service condition when the application crashes.
This exploit allows an attacker to include a file from a remote server through a vulnerable application. The attacker can then execute arbitrary code on the server or perform other actions.
This exploit is a buffer overflow vulnerability in Windows Vista SP0. The exploit is written in Perl and creates a file called 'crash.asx' which contains a string of 500000 'A's. When the file is opened, the buffer is overflowed and the system crashes.
A remote SQL injection vulnerability exists in the Classified Ads Scrip, which is triggered when an attacker sends a maliciously crafted HTTP request to the store_info.php script with an id parameter. This can allow the attacker to execute arbitrary SQL commands on the underlying database, potentially resulting in the disclosure of sensitive information.
A remote SQL injection vulnerability exists in the list Web addlink.php script, which allows an attacker to execute arbitrary SQL commands on the vulnerable system. The vulnerability is triggered when an attacker sends a specially crafted HTTP request containing malicious SQL statements to the vulnerable script. This can be exploited to gain access to sensitive information such as usernames and passwords stored in the database.
A remote SQL injection vulnerability exists in elkagroup (pid ) which allows an attacker to execute arbitrary SQL commands on the vulnerable system. The vulnerability is due to improper sanitization of user-supplied input in the 'cid' and 'uid' parameters of the 'property.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL commands to the vulnerable server. Successful exploitation of this vulnerability can result in unauthorized access to sensitive information stored in the database, or even full compromise of the vulnerable system.
Jax Calendar 1.34 suffers a remote admin access vulnerability. A POC is provided which involves accessing the calendar.admin.php file with a cal_id parameter set to 0 and a language parameter set to english.
A remote SQL injection vulnerability exists in the Classifieds Script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable server. This request contains malicious SQL statements that are executed in the backend database. The malicious SQL statement can be used to extract sensitive information from the database, such as usernames and passwords. The proof-of-concept (POC) code provided in the text can be used to exploit this vulnerability.
An attacker can exploit this vulnerability by sending a crafted SQL query to the vulnerable page parameter. The crafted query can be used to extract sensitive information from the database such as usernames and passwords. The vulnerable page parameter is ‘page’ and the vulnerable parameter is ‘bi’. The crafted query is ‘index.php?page=30&bi=-1+union+select+1,concat(UserName,0x3e,Password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44+FROM+tb_kuserfara--’, ‘index.php?page=30&bi=-1+union+select+1,concat(UserName,0x3e,Password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44+FROM+bakact--’ and ‘index.php?page=30&bi=-1+union+select+1,concat(UserName,0x3e,Password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44+FROM+bekhantemp--’.
Services By CQR