Explore all Exploits:

Joomla! Component JO Facebook Gallery v4.5 – SQL Injection

A SQL injection vulnerability exists in Joomla! Component JO Facebook Gallery v4.5. An attacker can send malicious SQL queries to the application by manipulating the 'id' parameter in the 'index.php' script. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Joomla! Component JooDatabase v3.1.0 – SQL Injection

A SQL injection vulnerability exists in Joomla! Component JooDatabase v3.1.0. An attacker can send malicious SQL queries to the application by manipulating the 'search' and 'searchfield' parameters in the 'index.php' script. This can allow the attacker to read, modify or delete data from the database.

HelpViewer XSS leads to arbitrary file execution and arbitrary file read

HelpViewer is an application that uses a WebView to show help files. It has an internal protocol handler, 'x-help-script', that can be used to open an arbitrary local file. HelpViewer checks whether the path of the URL is inside a valid help file, but this check can be bypassed with a double-encoded '../'. The PoC provided will pop up a Calculator.

Joomla! Component MultiTier v3.1 – SQL Injection

Joomla! Component MultiTier v3.1 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable application. This can be done by sending a specially crafted SQL query to the vulnerable parameter in the application.

Joomla! Component UserExtranet v1.3.1 – SQL Injection

A SQL injection vulnerability exists in Joomla! Component UserExtranet v1.3.1. An attacker can exploit this vulnerability by sending a specially crafted SQL query to the vulnerable application. This can allow the attacker to gain access to sensitive information from the database.

Joomla! Component Store for K2 v3.8.2 – SQL Injection

A SQL injection vulnerability exists in Joomla! Component Store for K2 v3.8.2. An attacker can send a specially crafted HTTP request to the vulnerable application in order to execute arbitrary SQL commands in the back-end database. This can potentially result in the manipulation or disclosure of application data.

Multiple SQL injection vulnerabilities in Mail Masta (aka mail-masta) plugin 1.0 for WordPress.

Multiple SQL injection vulnerabilities exist in Mail Masta (aka mail-masta) plugin 1.0 for WordPress. The vulnerabilities exist in the csvexport.php, view-list.php, and count_of_send.php scripts, which fail to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to execute arbitrary SQL commands in the application's back-end database, allowing for the manipulation or disclosure of arbitrary data.

Teradici Management Console 2.2.0 – Web Shell Upload and Privilege Escalation

Users who can access the Settings > Database Management page can achieve code execution as root on older versions of PCoIP MC 2.x (based on CentOS 7 x64). Database archives are extracted under /opt/jetty/tmpdeploy. By creating a malicious archive with a malicious web script that extracts to the known directory /opt/jetty/tmpdeploy/jetty-0.0.0.0-8080-console.war-_console-any- it is possible to add or modify class files and XML files pertaining to the application. The jetty user owns the file /opt/jetty/jetty_self_restart.sh, and the same user has sudo rights to run that file without a password. By manipulating this file, arbitrary code can be run as root.
