Traktor Pro suffers from a stack buffer overflow vulnerability when parsing playlist files (.nml), resulting in a crash. User input is not properly sanitized, which may allow attackers to execute arbitrary code on the affected system. Failed exploitation attempts may result in a denial of service.
An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable application. The malicious query can be sent via the 'cat_id' parameter in the URL. The attacker can use the UNION operator to append the malicious query to the existing query and extract sensitive information from the database.
This exploit allows an attacker to change the admin password of PloggerGallery Version 1.0 by using a Cross-Site Request Forgery (CSRF) attack. The attacker can set the admin username, email, password, and confirm password fields to any value they choose. The exploit is triggered when the attacker submits the form.
A buffer overflow vulnerability exists in Minishare 1.5.5 due to improper bounds checking of user-supplied input. An attacker can exploit this vulnerability by placing a specially crafted users.txt file in the Minishare root directory and running minishare.exe. This will allow the attacker to execute arbitrary code on the vulnerable system.
An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable application. This can be done by appending malicious SQL queries to the vulnerable parameter in the URL. For example, http://127.0.0.1/clip/index.php?v=11+and+1=0+union+select+1,concat%28uname,passwd%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+members--
This exploit allows an attacker to change the admin password of the phpgallery v 1.1.0 software and upload a shell to the gallery. The attacker can use the code provided by the author and save it in a file csrf.html. When the file is opened, the attacker can change the admin password and upload a shell to the gallery.
Input passed via the "rnd" parameter to products_search.php is not properly sanitised before being used in a SQL query. Input passed via the "filter" parameter to products.php is not properly sanitised before being used in a SQL query. Input passed to the "search_category_id" and "category_id" parameters in ads.php is not properly sanitised before being returned to the user. Input passed to the "category_id" parameter in article.php and articles.php is not properly sanitised before being returned to the user. Input passed to the "rp" parameter in basket.php and product_details.php is not properly sanitised before being returned to the user. Input passed to the "postal_code" parameter in shipping_calculator.php is not properly sanitised before being returned to the user. Input passed to the "s_fds", "s_tit" and "s_cod" parameters in search.php is not properly sanitised before being returned to the user. Input passed to the "s_sds" parameter in ads_search.php is not properly sanitised before being returned to the user. In user_profile.php, the vulnerable parameter is "return_page".
Multiple vulnerabilities have been discovered in FozzCom shopping, which can be exploited by malicious people to conduct SQL injection attacks, disclose sensitive information, bypass certain security restrictions, and potentially compromise a vulnerable system.
Mosets Tree 2.1.6 is vulnerable to Cross-Site Request Forgery (CSRF) attacks. An attacker can exploit this vulnerability by getting a logged-in admin to click the wrong link. This will allow the attacker to overwrite the template page with arbitrary code. This vulnerability was patched in version 2.1.7.
When accessing administration/index.php?cat=downloads&edit=VALID_ID and using a valid download id, an attacker is able to manipulate the "anzahl" parameter to perform queries which only involve returning an integer. The query output will be sent back to the client in the "anzahl" text input.