A weakness has been discovered in Chipmunk Board on which version to 1.3. Where an attacker could exploit the gap that exists to obtain sensitive data within the database. These vulnerabilities were identified in the path 'index.php? forumID'. The injection type is integer, MSSQL with error.
Tiki Wiki CMS Groupware is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within the context of the webserver process. Information harvested may aid in further attacks. The attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
User-supplied input for variable $item_name isn't properly escaped and user-supplied data is not properly escaped before passing to header() function.
This module exploits a remote code execution vulnerability in Trend Micro Internet Security Pro 2010 ActiveX. When sending an invalid pointer to the extSetOwner() function of UfPBCtrl.dll, an attacker may be able to execute arbitrary code.
The vulnerability allows remote unauthenticated attackers to force the IIS server to become unresponsive until the IIS service is restarted manually by the administrator. Required is that Active Server Pages are hosted by the IIS and that an ASP script reads out a Post Form value. When the following ASP script is hosted by IIS the attacker can run the attack: <% Dim variable variable = Request.Form(“FOOBAR”) %>. The exploit is simple: The attacker sends a POST request to the ASP site which reads out POST arguments. The POST request includes > 40000 request parameters and is sent in the form of an application/x-www-form-urlencoded encoding type. The result is that one IIS worker process crashes because of a stack overflow (here stack exhaustion). Tests have shown that five consecutive requests of this type will cause the default application pool to be disabled because of a series of failures of the IIS worker processes.
Zen Cart v1.3.9f suffers from a file inlcusion vulnerability (LFI) / file disclosure vulnerability (FD) when input passed thru the 'typefilter' parameter to index.php is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks and URL encoded NULL bytes.
Zen Cart v1.3.9f suffers from a persistent cross-site scripting (XSS) and SQL injection vulnerability. The SQLi issue lies in 'option_name_manager.php' script in the 'option_order_by' parameter thru the admin UI (post-auth). Input is not sanitized resulting in compromising the db system. The stored/persistent XSS issue lies pretty much everywhere in the admin panel when editing and inserting strings in different categories.
Successful exploitation of this exploit requires the site to be configured to allow users to upload video files directly, which is disabled by default. If this feature is enabled, any file uploaded via the "add video" upload form will end up in http://[victim]/images/originalvideos/[your account's user id]/[unique file name]. This folder is not protected with an index, so if indexes are allowed retrieving the shell's filename is trivial.
This exploit allows an attacker to gain access to the username and password of a Joomla JE Directory website by sending a malicious request to the index.php page with the vulnerable ID parameter. The exploit was discovered by Easy Laster in 2010 and is available for free.
This vulnerability allows an attacker to inject malicious SQL commands into the vulnerable application. This can be used to bypass authentication, access, modify and delete data within the database.
Services By CQR