An attacker can exploit a SQL injection vulnerability in Joomla! Component Intranet Attendance Track v2.6.5 to execute arbitrary SQL commands on the vulnerable system. This can be done by sending maliciously crafted requests to the vulnerable application. The vulnerable parameters are 'month', 'year', 'weekstartdate', 'userid', 'user', 'month', 'idPromocion', 'rutaSalida', and 'rutaDestino'.
This program does not filter filtering on the special character when expressing the data from memcached on the web. When XSS attacks and HTML code are inserted in the memcached, user who accesses the page will run the XSS code.
A use-after-free vulnerability exists in MSHTML!Layout::MultiColumnBoxBuilder::HandleColumnBreakOnColumnSpanningElement when reading from address 0000007800000070. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current process. This vulnerability affects 64-bit IE (running in single process mode) running on Windows Server 2012 R2.
This vulnerability is a use-after-free vulnerability in the Frame::setDocument function. It occurs when a frame is set to a new document, and then the unload event handler is called. If the frame is set to a new document again in the unload event handler, the prepareForDestruction function is never called, which means the frame will never be detached from the new document. This can be exploited by setting the frame to a malicious page in the unload event handler, which can then execute arbitrary code.
A SQL injection vulnerability exists in Joomla! Component Community Quiz v4.3.5. An attacker can send a specially crafted HTTP request to the vulnerable application in order to execute arbitrary SQL commands in the back-end database. This can potentially result in the manipulation or disclosure of application data.
An unauthenticated attacker can inject arbitrary SQL commands into the 'catid[]' parameter of the 'index.php?option=com_gpstools&view=search' page. This can be exploited to read arbitrary data from the database, including passwords and other sensitive information.
When the new page is loading, FrameLoader::clear is called to clear the old document and window. The new document's window is attached at (1) before calling |m_frame.setDocument(nullptr)| that calls unload event handlers. So in the unload event handler, we could execute arbitrary javascript code on new document's window with a javascript: URI.
The vulnerability exists due to insufficient filtration of user-supplied input in the 'list_filter' and 'catid[]' parameters of the 'index.php' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in application's database. This can be exploited to disclose sensitive information, modify data, delete data and compromise vulnerable system.
An attacker can exploit a SQL injection vulnerability in Joomla! Component Community Surveys v4.3 to gain access to the database. By sending a specially crafted HTTP request to the vulnerable application, an attacker can execute arbitrary SQL commands in the back-end database. This can be used to access or modify data in the back-end database, or to gain access to the underlying file system and operating system.
A SQL injection vulnerability exists in Joomla! Component AJAX Search for K2 v2.2. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database, such as user credentials, or to modify or delete data.
Services By CQR