My Gaming Ladder Combo System 7.5 is vulnerable to SQL Injection. Attackers can exploit this vulnerability by sending malicious SQL queries to the vulnerable web application, appending the SQL to the vulnerable parameters in the URL. For example: http://localhost/[PATH]/game.php?gameid=[SQL], http://localhost/[PATH]/news.php?newsid=[SQL], http://localhost/[PATH]/teams.php?teamid=[SQL], http://localhost/[PATH]/match.php?matchid=[SQL], as well as staff, staffaccess, staffcomments, teammembers, teammembersinv and teams.
Log in as a regular user and access http://localhost/[PATH]/svv_questions_list.php?mastertable=svv_surveys&masterkey1=[SQL] to exploit the vulnerability.
Quiz Template v1.0 for ASPRunnerPro/PHPRunner is vulnerable to SQL Injection. An attacker can inject malicious SQL queries via the 'testid' parameter in the 'quiz_responses_add.php' script.
The vulnerability exists due to improper sanitization of user-supplied input in the 'masterkey1' and 'search' parameters of the '/replies/list' and '/topics/list' scripts. A remote attacker can execute arbitrary SQL commands in the application's database, cause a denial of service, access or modify sensitive data, exploit further vulnerabilities in the underlying database, and so on.
A SQL injection vulnerability exists in Calendar v2.0 for ASPRunnerPro/PHPRunner/ASPRunner.NET. An attacker can send a specially crafted HTTP request to the vulnerable caldaily_view.php script with malicious SQL code, which will be executed in the backend database.
A SQL injection vulnerability exists in Shopping Cart Template v1.0 for ASPRunnerPro/PHPRunner, which allows an attacker to execute arbitrary SQL commands via the 'item' parameter in the 'shopinventory_list.php' script.
Log in as a regular user and access http://localhost/[PATH]/Share_add.php?hash=[SQL]
An attacker can exploit a SQL injection vulnerability in Invoice Template v1.0 for PHPRunner/ASPRunnerPro/ASPRunner.NET by sending a malicious SQL query to the vulnerable web application. This can allow the attacker to gain access to sensitive information stored in the database, such as user credentials, or even to execute arbitrary code on the server.
Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated. We found that Faveo has a CSRF vulnerability that can be used to manipulate an agent's role to admin.
We found two vulnerabilities affecting the Intellinet NFC-30IR Camera with firmware version LM.1.6.16.05. Once authenticated as admin:admin, you can read local files by requesting '/cgi-bin/admin/fileread?READ.filePath=<insert here>'. There is no sanitization nor lock-down of which paths that script can read, hence all files can be viewed. Interesting files to request are /etc/passwd, /etc/boa.conf and more. A manufacturer backdoor exists that allows one to access a script called '/cgi-bin/mft/manufacture' by authenticating as manufacture:erutcafunam.