A SQL injection vulnerability exists in the Specialist Bed and Breakfast website. The vulnerability is located in the 'pages.php' script, where the 'pp_id' parameter is vulnerable to SQL injection. An attacker can inject malicious SQL queries into the application and use them to extract sensitive information from the database.
This exploit allows an attacker to inject malicious SQL commands into a vulnerable web application. The exploit is coded in Perl and is used to extract sensitive data from the victim's website. The exploit is triggered by providing a valid username as an argument to the exploit.
webERP is a complete web-based accounting/ERP system that requires only a web browser and PDF reader to use. An attacker can add a new administrator to the system by exploiting the CSRF vulnerability. The application suggests disabling magic_quotes_gpc. An attacker can inject SQL code by exploiting the CSRF vulnerability. HTTP requests must be filtered.
A SQL injection vulnerability exists in Joomla component com_wmtpic, due to improper sanitization of user-supplied input in the 'Itemid' parameter. An attacker can exploit this vulnerability to execute arbitrary SQL commands in the application's database, allowing for the manipulation or disclosure of arbitrary data.
JooManager enables users to create a real estate website for their clients. An SQL injection vulnerability exists in the 'catid' parameter of the 'view=itemslist' component, which can be exploited to execute arbitrary SQL commands.
Gamesbox is the innovative component developed for Joomla™ that allows you to manage a real and unique portal for videogames. An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable parameter 'id' in the URL. This can allow the attacker to gain access to the database and extract sensitive information.
This exploit targets a remote blind SQL injection vulnerability in ShopCartDx <= v4.30. It allows an attacker to extract the password hash of a user by exploiting a vulnerability in the products.php file. The exploit uses a time-based blind SQL injection technique to extract the password hash character by character.
This exploit allows an attacker to inject malicious SQL code into a vulnerable PHP-Nuke <= 8.0 (News) application. The exploit uses a POST request to send the malicious code to the application, which then executes the code and returns the results. The results can include sensitive information such as usernames, passwords, and email addresses.
WebDM CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Adobe Reader suffers from a remote memory corruption vulnerability that causes the application to crash while processing a malicious .PDF file. The issue is triggered when the reader tries to initialize the CoolType Typography Engine (cooltype.dll). This vulnerability also affects and crashes major browsers such as Mozilla Firefox, Opera and Apple Safari. Google Chrome and IE do not crash.