RadLance Gold v7.5 is vulnerable to multiple remote vulnerabilities, including SQL Injection and Blind SQL Injection. An attacker can exploit these vulnerabilities by sending malicious SQL queries to the vulnerable application. This can allow the attacker to gain access to sensitive information such as usernames and passwords stored in the database.
RadBIDS GOLD v4 is vulnerable to multiple remote vulnerabilities such as SQL Injection and XSS. An attacker can exploit these vulnerabilities to gain access to sensitive information such as user credentials, version information, etc. The vulnerability can be exploited by sending a specially crafted SQL query or XSS payload to the vulnerable application.
This exploit is used to gain access to the admin panel of WebVision 2.1 (n) by exploiting a SQL injection vulnerability. The exploit uses an LWP::UserAgent to send a GET request to the target website with a malicious payload. The payload is designed to extract the admin username and password from the 'users' table. If successful, the exploit will return the admin username and password.
A stack-based buffer overflow vulnerability exists in HTMLDOC versions 1.8.27.1, 1.8.27, and 1.8.24. An attacker can exploit this vulnerability by launching HTMLDOC from a directory and adding a malicious file. This will cause a buffer overflow and allow the attacker to execute arbitrary code.
A Blind SQL Injection vulnerability exists in Joomla Component Jobline version 1.1.3.1 and earlier. An attacker can exploit this vulnerability to gain access to the database and execute arbitrary SQL commands. The vulnerability is due to insufficient sanitization of user-supplied input in the 'search' parameter of the 'index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable script. Successful exploitation of this vulnerability can result in unauthorized access to the database and execution of arbitrary SQL commands.
This exploit is for Easy RM to MP3 Converter .m3u file Universal Stack Overflow. It is different from the first exploit .pls. It is a buffer overflow exploit which uses a malicious .m3u file to execute a payload of calc.exe. The exploit is written in Perl and uses a universal return address.
The vulnerability exists due to insufficient sanitization of user-supplied input in the 'id' parameter of the 'vote.php' script. A remote attacker can execute arbitrary HTML and script code in a browser in the context of the vulnerable website. Also, an attacker can include a local file from the vulnerable server.
A SQL injection vulnerability exists in Ger Versluis 2000 version 5.5 24 SITE_fiche.php. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to sensitive information from the database.
The vulnerability is present in the comment section of the blog. An attacker can inject HTML/XSS code in the comment section and submit it. The code will be executed when the page is loaded. An attacker can also inject SQL code in the username field of the admin page and leave the password field blank to gain access to the admin page.
A vulnerability in AJAX Poll allows an attacker to bypass authentication and administrate the poll.
Services By CQR