Inout Article Base is a powerful, feature-rich, fully customizable article script from inoutscripts.com. This is a highly search-engine-optimized script which helps you publish an unlimited number of articles. The entire system is template driven, which allows you to easily modify the public pages to match your web site's look. An unprivileged user could be able to upload a shell and take over control.
Inout Music is the most powerful, affordable, flexible, feature-rich, customizable music portal script for your website. Users can purchase their favorite music from the buyer and download it instantaneously. A vulnerability exists in Inout Music version 1.0 which allows an attacker to upload a malicious shell on the vulnerable website.
This bug uses a Microsoft Help vulnerability for remote code execution (RCE). You can test by browsing to http://krash.in/real-exp/exploit.ram
Music Manager is an extension for Joomla! 1.5 which allows management of a music collection. It is easy to use and very flexible. Users can manage their music collection by artist, album and song. This component provides users with the ability to manage their music collection in a flexible and professional manner. Begin by adding an entry to the 'Artists' table. This can be just yourself, if you are building your own music website, or every artist on the planet if you're building a music library. Then, add albums and fill in the name, description and creation year. Album art can be added to the images/albumart directory using the media manager and will then appear in the select-list on the album page. Finally, add songs to each album, upload mp3s to the images/songs directory and select them from the drop-down list. Demo Url: http://server/component/music/album.html?cid=[LFI]%00
This exploit allows an attacker to gain root privileges by tampering with the PAM MOTD file. The attacker can create a symbolic link to the file they wish to tamper with and then log back into their shell or re-ssh to make PAM call the vulnerable MOTD code. The file will then be owned by the user.
pithcms is vulnerable to local and remote file inclusion. An attacker can exploit this vulnerability to include malicious files from remote locations and execute arbitrary code on the vulnerable system. The vulnerability exists due to insufficient sanitization of user-supplied input to the 'theme' parameter in 'index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing directory traversal characters.
This vulnerability allows an attacker to inject malicious SQL queries into the vulnerable application. The attacker can use this vulnerability to gain access to sensitive information stored in the database, such as usernames and passwords. The vulnerability exists due to insufficient input validation of user-supplied data. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL queries to the vulnerable application.
FathFTP 1.7 ActiveX control contains a buffer overflow vulnerability when handling a specially crafted GetFromURL method call. An attacker can exploit this vulnerability to execute arbitrary code on the target system by supplying a malicious payload in the method call.
The part of the network library which handles the SSL connection can be tricked into an endless loop that freezes the whole application with CPU at 100%. The problem is located in the QSslSocketBackendPrivate::transmit() function in src_network_ssl_qsslsocket_openssl.cpp that never exits from the main 'while' loop.
The Battlefield series is developed by DICE and published by Electronic Arts. Each BF2 and BF2142 server has some fields where the admin can specify links to files and images, such as the sponsor and community logo. The client performs a very simple operation: it gets the URL and downloads the file, saving it locally using its original name in the following folder. The problem is that the client doesn't check the URL, so it's possible to specify a directory traversal sequence like http://evil.com/../../../../../../../../../../../../../../../../boot.ini and the client will download the file boot.ini from the root of the C: drive. The same vulnerability also affects the DemoDownloadURL, DemoIndexURL and CustomMapsURL fields.