PaoLiber 1.1 is vulnerable to an authentication bypass vulnerability due to the register_globals setting being set to 'on'. An attacker can exploit this vulnerability by sending a crafted HTTP request with the parameter 'login_ok' set to '1' to the vulnerable application.
PaoLink 1.0 is vulnerable to an authentication bypass vulnerability due to the register_globals setting being set to 'on'. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the login.php page with the login_ok parameter set to '1'.
MP3 Studio v1.0 is vulnerable to a buffer overflow vulnerability when processing specially crafted mpf files. This exploit is based on PoC/findings by HACK4LOVE and tested on WinXP SP3. The exploit uses addresses from xuadio.dll which is shipped with the package.
In-Portal v 4.3.1 is vulnerable to a shell upload vulnerability. An attacker can register in the site, go to their profile, upload a shell.php file, and then get a shell by accessing the file at http://www.xxx.com/path/kernel/images/shell.php
This exploit is a Remote Blind SQL Injection vulnerability in PunBB Reputation.php Mod <= v2.0.4. It allows an attacker to gain access to the database of the website. The exploit is coded in Perl and uses LWP::UserAgent, HTTP::Cookies, HTTP::Request::Common, Time::HiRes and IO::Socket modules. It takes three arguments, username, password and ID, and uses a POST request to login and then uses a Blind SQL Injection to gain access to the database.
PHP AS v4 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to manipulate SQL queries to view, add, modify or delete records in the back-end database.
The vulnerability exists in the 'paidbanner.php' script, which allows an attacker to inject arbitrary SQL commands via the 'ID' parameter. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable script. This can be done by appending the SQL injection string to the vulnerable parameter in the HTTP request.
SerWeb versions 2.1.0-dev1 and prior are vulnerable to multiple remote file inclusion vulnerabilities. An attacker can exploit these vulnerabilities by sending a specially crafted HTTP request containing malicious PHP code. This code will be executed on the vulnerable server.
Magician Blog version 1.0 is vulnerable to an authentication bypass vulnerability due to improper sanitization of user-supplied input. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious SQL statements to the vulnerable application. This can allow an attacker to bypass authentication and gain access to the application.
Magician Blog version 1.0 is vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database, such as user credentials and other sensitive data.
Services By CQR