A buffer overflow vulnerability exists in Pipl 2.5.0 that allows an attacker to execute arbitrary code by sending a specially crafted .m3u file. The application does not properly validate the length of user-supplied data before copying it to a fixed-length buffer. A malicious .m3u file sent to the target system triggers a stack-based buffer overflow and allows the attacker to execute arbitrary code on that system.
A vulnerability in Uiga Church Portal allows an attacker to inject arbitrary SQL commands via the 'view' parameter in index.php. This can be exploited to gain access to the database and potentially gain access to sensitive information.
An attacker can exploit this vulnerability by sending a specially crafted SQL query to the vulnerable application. This can be done by appending the malicious SQL query to the vulnerable parameter in the HTTP request. The malicious SQL query can be used to extract sensitive information from the database, modify the existing data, execute administration operations on the database, etc.
phpSANE v 0.5.0 is vulnerable to remote file inclusion. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. This can allow the attacker to execute arbitrary code on the server.
An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable application. This can be done by manipulating the 'cat' parameter in the 'browse' action of the vulnerable application. An attacker can use the UNION operator to combine the results of two or more SELECT statements into a single result set.
An attacker can exploit this vulnerability by sending a crafted SQL query to the vulnerable parameter 'string' in the 'list.php' script. This can allow the attacker to gain access to the database and execute arbitrary SQL commands.
Open Auto Classifieds is a vehicle listings manager that is popular with car dealer websites. It is written in PHP and MySQL and is available free at http://openautoclassifieds.com/. Multiple vulnerabilities exist in Open Auto Classifieds. They can be exploited to read any information from the database, attack web browser clients through the web site, disclose the file path of the application, and execute arbitrary commands on the web server.
Discuz! Plugin Crazy Star version 2.0 is vulnerable to SQL injection. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to sensitive information such as usernames and passwords stored in the database.
This exploit targets a remote denial-of-service vulnerability in TFTPUtil GUI 1.3.0. It sends a crafted payload of 384 "A" characters to the target system on port 69, which causes the application to crash.
Moa Gallery versions 1.2.0 and prior are vulnerable to remote file disclosure. The vulnerability exists due to insufficient sanitization of user-supplied input to the 'p_filename' parameter in the '_template_parser.php' script. An attacker can exploit this vulnerability to disclose sensitive files from the server.