A remote blind SQL injection vulnerability exists in Article Directory. An attacker can send a specially crafted HTTP request containing malicious SQL statements to the vulnerable page.php script in order to execute arbitrary SQL commands in the back-end database.
A vulnerability exists in Your Articles Directory that allows an attacker to bypass authentication and inject malicious JavaScript code into the application. An attacker can exploit this vulnerability by sending a crafted request to the application with malicious JavaScript code in the title and content fields. If the admin visits the page, the malicious JavaScript code will be executed and the admin's cookie will be sent to the attacker's server.
This exploit allows remote attackers to execute arbitrary code on vulnerable installations of ChinaGames CGAgent.dll. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CreateChinagames() function of the CGAgent.dll ActiveX control. The problem is that the control fails to properly validate user-supplied input resulting in a stack-based buffer overflow. An attacker can leverage this vulnerability to execute arbitrary code under the context of the user running the browser.
A vulnerability in the config.dll ActiveX control of BaoFeng allows remote attackers to execute arbitrary code via a crafted argument to the SetAttributeValue function.
A vulnerability in the VICIDIAL call center suite allows an attacker to bypass authentication and gain access to the administrative panel. This is done by entering ' or '1=1 as the username and password when prompted for authentication.
Cadaver 0.23.2 contains a directory traversal vulnerability that allows an attacker to access files and directories stored outside the web root folder. The vulnerability exists due to insufficient sanitization of user-supplied input. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing directory traversal characters (e.g. '../') to the vulnerable server. Successful exploitation of this vulnerability can result in unauthorized access to sensitive files and directories.
CVE-2008-5353 allows malicious code to escape the Java sandbox and run arbitrary commands with the permissions of the executing user. This may result in untrusted Java applets executing arbitrary code merely by visiting a web page hosting the applet.
Jorp contains a remote file include vulnerability caused by the use of user-supplied input without proper validation. This can be exploited to execute arbitrary PHP code by including files from remote resources. Successful exploitation of this vulnerability requires that 'register_globals' is set to 'on' and that the vulnerable script is directly requested with the malicious URL. The vulnerable code is located in the 'index.php' script. The following example URL is available: http://[target]/[path]/index.php?x=[malicious_code]&y=1. The malicious code will be executed by the vulnerable script.
forum bspeak v1.10 is vulnerable to Blind SQL Injection. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable application. This can be done by appending the malicious SQL query to the vulnerable parameter in the HTTP request. For example, an attacker can send a malicious SQL query to the vulnerable parameter ‘forumid’ in the HTTP request as follows: http://www.26thavenue.com/bspeakdemo/forum/index.php?action=post&forumid=3+AND%20SUBSTRING(@@version,1,1)=4. If the application is vulnerable, the attacker can gain access to the database and can execute arbitrary SQL queries.
The path of the control panel is http://localhost/php_article_publisher/publisher/admin.php. The panel requires a username and password. The exploit is to enter http://localhost/php_article_publisher/publisher/admin.php?id=1, which will bypass the authentication and grant the user full permissions.