JGen is a genealogy database component for the Joomla content management system. It allows easy registration of individuals in your family tree, the links between them, sources where information was found, images and documents etc. An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable parameter 'id' in the URL.
UCenter Home 2.0 is vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. This will allow the attacker to execute arbitrary SQL commands on the underlying database, potentially allowing them to gain access to sensitive information such as user credentials.
The Storyteller CMS is vulnerable to a Local File Include vulnerability due to the lack of sanitization of the 'var' parameter in the GetTemplate function. An attacker can exploit this vulnerability by sending a crafted HTTP request containing a malicious file path in the 'var' parameter. This will allow the attacker to include a malicious file from the local system, resulting in arbitrary code execution.
Mosets Tree suffers from a shell upload vulnerabilty caused by improperly checking the filetype of uploaded images. Tools used: Firefox web browser, Firebug extension, GIMP image editor. Steps to Reproduce: Open GIMP, create a new image. Save image as a GIF file, with the shell as the comment (surrounded by <?php ?> tags). Rename GIF to shell.gif.php. Create an account on the target site. Navigate to the mtree entry form. Fill out all mandatory form fields. At the bottom of the form you should be able to add images. Add your shell. Open Firebug and navigate to the Console tab. At the bottom of the console, type this in & hit enter: (document.getElementById('adminForm')).submit(); After the form submits, you should be on your user listing page. Navigate to http://{target}/components/com_mtree/img/listings/o/{id}.php where {id} is the id number of your new entry. Caveats: Requires a registered account. The shell will have GIF garbage before the PHP code, so headers will already be sent... Works if image processing is set to GD or ImageMagick. NetPbm untested.
RealPlayer SP 1.1.4 is vulnerable to an Integer Overflow vulnerability. This vulnerability can be exploited by a maliciously crafted FLV file. When the file is opened, the application crashes due to the overflow. This vulnerability is tracked as CVE-2010-3000.
This CMS have Upload arbitrary file valnerability with Image Gallery. you can upload your file with this path: http://Example.com/Backstage/Components/FreeTextBox/ftb.imagegallery.aspx. Uploaded files will be placing in this path: http://Example.com/Images/
AA SMTP Server is a light-weighted SMTP server software to run SMTP service for you. An attacker can create a malicious CSV file with a large number of characters and import it into the server, causing the server to crash.
A vulnerability in osDate allows an attacker to upload a malicious shell to the server. The attacker must first create an account and confirm it. Then, they can access the uploadvideos.php page and upload a malicious shell. The shell will be stored in the uservideos folder. The attacker can then access the shell by going to the uservideos folder.
A SQL injection vulnerability exists in Group Office, which allows an attacker to execute arbitrary SQL commands via the 'category_id' parameter in the '/notes/json.php?task=category' URL.
A buffer overflow vulnerability exists in Kingsoft Antivirus <=v2010.04.26.648, which could allow an attacker to execute arbitrary code on the vulnerable system. The vulnerability is due to insufficient boundary checks when handling user-supplied input. An attacker can exploit this vulnerability by sending a specially crafted request to the vulnerable application. Successful exploitation could result in arbitrary code execution in the context of the application.
Services By CQR