The vulnerability exists due to insufficient sanitization of user-supplied input in 'currid' parameter of 'rezeptanzeige.php' script and in 'outfile' parameter of 'dumpdb.php' script. A remote attacker can execute arbitrary SQL commands in application's database, disclose arbitrary files from the server and gain access to sensitive information. The vulnerability is confirmed in version 1.0.0. Other versions may also be affected.
A Full Path Disclosure and XSS vulnerability was discovered in ckeditor 4.0.1 standard. The vulnerability exists due to insufficient sanitization of user-supplied input in posteddata.php file. A remote attacker can exploit this vulnerability to disclose sensitive information and execute arbitrary HTML and script code in a user's browser session in context of the vulnerable website.
This module exploits a vulnerability found in OpenEMR 4.1.1 By abusing the ofc_upload_image.php file from the openflashchart library, a malicious user can upload a file to the tmp-upload-images directory without any authentication, which results in arbitrary code execution. The module has been tested successfully on OpenEMR 4.1.1 over Ubuntu 10.04.
This exploits a stack buffer overflow in BigAnt Server 2.97 SP7. The vulnerability is due to the dangerous usage of strcpy while handling errors. This module uses a combination of SCH and DUPF request to trigger the vulnerability, and has been tested successfully against version 2.97 SP7 over Windows XP SP3 and Windows 2003 SP2.
The RTTucson Quotations Database Script is vulnerable to MySQL Injection and XSS. The author.php and category_quotes.php scripts are vulnerable to MySQL Injection when the ID parameter is manipulated. The quote_search.php script is vulnerable to XSS when the keywords parameter is manipulated.
Input passed to the 'dl' parameter in 'install.php' script is not properly sanitised before being used to get the contents of a resource or delete files. This can be exploited to read and delete arbitrary data from local resources with the permissions of the web server via directory traversal attack.
Scripts Genie Hot Scripts Clone Script is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability to manipulate SQL queries by injecting arbitrary SQL code. This may allow the attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
Cometchat is a application which can be used in many site for example phpFox, Wordpress, Joomla, MyBB, Elgg etc. The vulnerability is a code execution and XSS vulnerability which can be exploited by calling the php functions and cometchat function without arguments and by using a malicious script respectively.
An attacker can exploit this vulnerability by sending a specially crafted URL to the application. The URL contains malicious code which is then executed by the application. This can be used to gain access to sensitive information or to execute malicious code on the server.
The vulnerability is caused by missing input validation in the pppoe_username parameter and can be exploited to inject and execute arbitrary shell commands. It is possible to upload and execute a backdoor to compromise the device.
Services By CQR