Directory Listing: An attacker can view the directory structure of the application. XSS: An attacker can inject malicious JavaScript code into the application. CSRF: An attacker can add or remove friends, remove messages, and redirect users to malicious websites. Full Path Disclosure: An attacker can view the full path of the application. User Redirection: An attacker can redirect users to malicious websites.
Absolute Shopping Cart is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability to manipulate SQL queries by injecting arbitrary SQL code. This may allow the attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
This exploit is for 3Com OfficeConnect ADSL Wireless 11g Firewall Router 3CRWDR100A-72 and 3CRWDR100Y-72 running on Software Version 2.06T13 (Apr 2007, last version for these routers). The bug can be exploited with Tamper Data (Firefox Addon) too. The exploit is written in Ruby and can be used to send a malicious HTTP packet with a Content-Type value that causes the DoS. 8.times is enough to DoS.
This PoC exploit is for the TLS renegotiation vulnerability (CVE-2009-3555). It is a vulnerability in the TLS protocol which allows an attacker to inject plaintext into an otherwise encrypted communication. The attacker can inject data into the TLS connection by sending a TLS renegotiation request. This request can be sent in the middle of a TLS connection, allowing the attacker to inject plaintext into the encrypted communication.
Ultimate Uploader 1.3 is vulnerable to a remote file upload vulnerability. An attacker can upload a malicious file to the server by accessing the upload page of the script. The malicious file can be uploaded with any extension and can be accessed from the upload folder. This can be used to gain remote code execution on the server.
This exploit is a buffer overflow vulnerability in the win32_exec module of Metasploit. It allows an attacker to execute arbitrary code on the target system by overflowing a buffer with malicious code. The exploit uses an encoder called PexFnstenvMov to encode the malicious code and then injects it into the vulnerable application.
The vulnerability exists in the Angelo-emlak v1.0 script, which is written in ASP language. An attacker can exploit this vulnerability by accessing the angelo.mdb file located in the veribaze directory of the target website.
A SQL injection exploit is found in Drumbeat CMS. The vulnerability exists in where there is an index.php page, such as index02.php?id=5. or index03.php?id=2. Dork: 'Powered by Drumbeat' inurl:index02.php. Code: http://www.site.com/index02.php?id=-2+UNION+SELECT+ALL+group_concat(email,0x3a,username,0x3a,password)+from+auth_users--. You can usually replace the http://www.site.com/ with any site that is vulnerable to SQL injection.
A vulnerability exists in the phUploader script which allows an attacker to upload a malicious file to the server. The attacker can then access the malicious file by visiting the URL http://{target}/script path/uploads/shell.php.flac. A video demonstration of the exploit is available for download at http://filaty.com/f/912/99431/up5.rar.html.
The vulnerability exists due to the presence of a file named 'sb.mdb' in the '/App_Data/' directory, which contains the database information. An attacker can exploit this vulnerability by accessing the file directly via a web browser.
Services By CQR