JE CMS 1.0.0 is vulnerable to bypass authentication by SQL injection. In administrator/login.php page, lines 16-20, userLogin() function is in administrator/library/functions.php. In lines 129-139, the username and password are not properly sanitized before being used in a SQL query. This can be exploited to bypass authentication by entering a specially crafted username and password. In administrator/index.php file line 12, $userid is not properly sanitized before being used in a SQL query. This can be exploited to inject arbitrary SQL commands.
This version of AtomatiCMS have Upload arbitrary file Vulnerability with fckEditor in this Paths: http://Example.com/FCKeditor/editor/filemanager/browser/default/connectors/test.html and http://Example.com/FCKeditor/editor/filemanager/upload/test.html. Which your files will be in this path: .../UserFiles/
Car Portal is a web solution written in PHP and it uses a MySQL database for storing the data. An attacker can exploit a Blind SQL Injection vulnerability in Car Portal v2.0 by sending a malicious payload to the vulnerable parameter 'car' in the URL. This can allow the attacker to extract data from the database.
This module exploits a buffer overflow in Digital Music Pad Version 8.2.3.3.4 When opening a malicious pls file with the Digital Music Pad, a remote attacker could overflow a buffer and execute arbitrary code.
This exploit is for iworkstation Version 9.3.2.1.4. It is a SEH exploit which uses a POP ESI instruction to gain control of the execution flow. The exploit code is written in Perl and is used to create a malicious .pls file which can be used to trigger the vulnerability.
A denial of service vulnerability exists in Fox Audio Player 0.8.0 due to a lack of proper validation of user-supplied data. An attacker can exploit this vulnerability by creating a specially crafted .m3u file containing a large amount of data, which when opened in Fox Audio Player 0.8.0 will cause the application to crash.
This exploit allows an attacker to retrieve the configuration of a Barracuda Networks Spam & Virus Firewall <= 4.1.1.021. The configuration includes the administrative password for the BSF, MTA LDAP passwords, password for each configured mailbox, and internal networking information.
Allpc 2.5 osCommerce is vulnerable to SQL Injection and XSS. The Search B0x of this script is vulnerable to XSS, because it fails to properly sanitize user-supplied input. An attacker can inject malicious SQL queries and execute arbitrary JavaScript code in the browser of the victim.
Entrans is an online collaborative translation tool used for editing and translation of PO files. An attacker can exploit a SQL injection vulnerability in the poll.php script by sending a specially crafted HTTP request containing malicious SQL code. This can allow the attacker to gain access to the database and potentially execute arbitrary code.
This version of ndCMS has Sql Injection Vulnerability that its DataBase is Access with Table of Users : tblUSERS Columns : userid , passwd. Considering to the code, for example you can browse this URL: http://Example.com/express_edit/editor.aspx?index=1+AND+1=IIF((select mid(last(userid),1,1) from (select top 1 userid from tblUSERS))='a',1,2) and so on.
Services By CQR