
Explore Vulnerabilities


Explore all Exploits:

Joomla JPodium Component (com_jpodium) SQL-i Vulnerability

JPodium is a Joomla! component for managing and displaying sports results. Its intended use is tracking race results, e.g. for a cycling club portal. It is not tied to any particular sport, only to a certain structure of race results: every athlete has a class (e.g. an age class like 'Master') attached, and the results are listed per race in these classes. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable parameter 'Itemid' in the URL 'http://127.0.0.1/path/index.php?option=com_jpodium&view=races&Itemid='.

Bs Business_Directory Script Sqli Vulnerability

BS Business Directory Software allows people to browse and search for businesses in their area. The listings are fully detailed with descriptions, ratings, features, photos, reviews, contact information and driving directions linked to MapQuest. Users can also open an account and save their favorite businesses to their online notebook. Business people can also list their businesses. After registration, they are able to select and buy a package depending on the length of time they would like their business to be listed. Payment can be made through PayPal or 2Checkout. Subscribers are informed about their statistics via email 10 days, 5 days and 1 day before their account expires. 24 hours after the account's expiration date, all of its listings and the account itself are deleted automatically. An attacker can exploit the SQL injection vulnerability by sending malicious SQL queries to the database via the vulnerable parameters in the URL. An attacker can also bypass authentication by using 'or'1'='1 as both the username and the password.

Bs General_Classifieds Script Sqli Vulnerability

BS Classifieds Ads Software allows users to browse and search for classified ads. The listings are detailed with photos, descriptions, ratings, reviews, features, contact information and driving directions linked to MapQuest. Users can also open an account and save their favorite ads to an online notebook. Users can also post their ads. After completing registration, users are able to select and buy advertising packages depending on the length of time they would like their listings to be displayed. Payments are made through PayPal and 2Checkout. The user is informed about their account statistics by email 10 days, 5 days and 1 day before the account expires. 24 hours after the account's expiration date, all of its listings and the account itself are deleted automatically. An attacker can exploit this vulnerability by injecting malicious SQL queries into the vulnerable parameters of the application.

Bs Events_Locator Script Sqli Vulnerability

BS Events Directory software allows users to browse and search for events. The listings are detailed with features, photos, descriptions, ratings, reviews, contact information and driving directions linked to MapQuest. Users can also open an account and save their favorite ads to an online account. Users can also post their ads. After a user has registered, they are able to select and buy a package depending on the length of time they would like their listings to be displayed. Payment can be made via PayPal or 2Checkout, and registration is automated. The user receives a few emails: 10 days, 5 days and 1 day before the account expires. 24 hours after the account's expiration date, all of its listings and the account itself are deleted automatically.

Bs Home_Classifieds Script Sqli Vulnerability

BrotherScripts.com offers real estate classifieds software that allows home buyers to browse and search available properties. Agents can also list their properties. After a new seller has registered, they are able to select and buy a package depending on how many offers they would like to post and the length of time they would like to post them. Payments can be made via PayPal or 2Checkout. The vulnerability is a SQL injection that can be exploited by sending malicious SQL queries to the vulnerable web application. The vulnerable URLs are http://server/Home_Classifieds/search.php?c=[sqli] and http://server/Home_Classifieds/articlesdetails.php?id=[sqli].

Bs Recipes_Website Script Sqli/Auth bypass Vulnerability

BS Recipes website allows people to share their favorite recipes with others in the categories that you create. Members can also send an email message of recipes they like to others directly through the website. An attacker can exploit a SQL injection vulnerability in the 'recipedetail.php' script by injecting malicious SQL queries into the 'id' parameter. Additionally, an attacker can bypass authentication by using ' or 1=1 or ''=' in both username and password fields.

Recent Exploits: