An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable application. This can be done by appending the malicious SQL query to the vulnerable parameter in the HTTP request. An attacker can use this vulnerability to gain unauthorized access to the application and its data.
A SQL injection vulnerability exists in Website Design and Hosting By Netricks, Inc. The vulnerability is due to improper sanitization of user-supplied input in the 'news.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious SQL statements to the vulnerable script. This may allow the attacker to gain access to sensitive information from the database.
NITRO Web Gallery is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable parameter 'PictureId' in the URL. This can allow the attacker to gain access to the database and execute arbitrary code.
There is an SQL Injection vulenarability in the site search module. Submitting search criteria will cause subroutine 'uxSubmitButton_Click' in the file '<SRC_DIR>/BlazeApps/Usercontrols/Search.ascx.vb' to be executed. Then it will use 'uxSearchTextBox' input element value (POST Variable) and the 'tagname' input value (POST Variable) without escaping, in a query. The post page of the site's forum save posts without any check on the input. In file '<SRC_DIR>/BlazeApps/Usercontrols/Forum/addpost.ascx.vb' line 121 the 'uxAddPostTexBox' input element value (POST Variable) is used without any check.
JV2 Folder Gallery 3.1.1 is vulnerable to Local File Inclusion (LFI) and Remote Code Execution (RCE). An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. The vulnerable code is located in the popup_slideshow.php file, which includes the language, gallerytheme, and file_handling.php files without proper validation. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. The attacker can use the LFI vulnerability to include a malicious file from the local system or a remote system. The attacker can also use the RCE vulnerability to execute arbitrary code on the vulnerable system.
ProWeb Design is vulnerable to SQL Injection. The vulnerability can be exploited by sending malicious SQL queries to the vulnerable application. The vulnerable parameters are template_event.html?pageid=, template_home.pweb?pageid=, main_segment.html?subid= and main_segment.html?id=. An attacker can exploit this vulnerability to gain access to the database and execute malicious code.
Blox CMS is vulnerable to SQL injection. An attacker can exploit this vulnerability by sending a specially crafted SQL query to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database, such as usernames and passwords, or to modify data.
The vulnerability exists due to failure in the "/edit_email.php" script to properly sanitize user-supplied input in "id" variable. Attacker can alter queries to the application SQL database, execute arbitrary queries to the database, compromise the application, access or modify sensitive data, or exploit various vulnerabilities in the underlying SQL database. Attacker can use browser to exploit this vulnerability.
The vulnerability exists due to failure in the 'admin.php' script to properly verify the source of HTTP request. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data. Attacker can use browser to exploit this vulnerability. The following PoC is available: <img src='http://host/admin.php?op=ConfigFiles_save&Xtxt=<?+phpinfo()+?>&Xfiles=footer_after&confirm=1'>
This exploit is used to get username and password from WebAsys using blind SQL injection. It takes three parameters, url, id and u/p. If u is passed as parameter, it will get username by id and if p is passed as parameter, it will get password by id. It uses ASCII substring to get the username and password from the WBS_USER table.
Services By CQR