goffgrafix Design is vulnerable to SQL injection attacks. Attackers can exploit this vulnerability to gain access to the underlying database and execute arbitrary SQL commands. The vulnerability exists due to insufficient input validation in the "id" parameter of the "page.php" and "designer.php" scripts. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL commands.
BBMedia Design's SQL Injection Vulnerability is a vulnerability in the BBMedia Design's web application which allows an attacker to inject malicious SQL queries into the web application. This vulnerability can be exploited by an attacker to gain access to the database and extract sensitive information such as usernames and passwords.
The vulnerability exists in the 'shop.php' script, where the 'pid' parameter is vulnerable to SQL injection. An attacker can inject malicious SQL code into the 'pid' parameter and execute it in the backend database.
runt-communications Design SQL Injection Vulnerability is a vulnerability that allows an attacker to inject malicious SQL code into a vulnerable web application. This can be exploited to gain access to sensitive data stored in the database, such as user credentials, or to execute arbitrary code on the server. The vulnerability is caused by insufficient input validation in the application, allowing an attacker to inject malicious SQL code into the application. The vulnerability can be exploited by sending a specially crafted HTTP request containing malicious SQL code to the vulnerable application. The malicious code will then be executed on the server, allowing the attacker to gain access to sensitive data or execute arbitrary code.
MMA Creative Design is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability to manipulate the queries that are executed on the underlying database, allowing for the manipulation or disclosure of arbitrary data.
A buffer overflow vulnerability exists in Media Player Classic version 1.3.1774.0 when processing .rm files. An attacker can exploit this vulnerability by creating a malicious .rm file and convincing a user to open it with Media Player Classic, resulting in arbitrary code execution.
The Recipes Website 1.0 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending a crafted HTTP request with malicious SQL statements to the vulnerable application. This can allow the attacker to gain access to the application's database and potentially gain access to sensitive information.
ECShop Search.php SQL Injection Exploit is a vulnerability that allows an attacker to inject malicious SQL code into the application, which can be used to gain access to sensitive data stored in the database. The exploit is triggered when the application fails to properly sanitize user input, allowing the attacker to inject malicious SQL code into the application. The exploit was discovered in 2010 by Jannock and affects all versions of ECShop. The Common Weakness Enumeration (CWE) for this vulnerability is CWE-89.
An attacker can exploit this vulnerability by sending a crafted SQL query to the vulnerable application. The crafted query can be sent as a parameter in the URL, for example http://[site]/artists.asp?id=24%20union%20select%201,username,userpass,4,5,6,7,8,9,10,11,12,13%20from%20users
Original discovery and credit goes to: Alireza Afzali of ISCN Team. Found date: 5/17/2009. Exploit: http://[PATH]/Providers/HtmlEditorProviders/Fck/fcklinkgallery.aspx. AnD Add : javascript:__doPostBack('ctlURL$cmdUpload',''). AnD UpLOaD YoUr ShEll AsP LiKe Dz4aLL.asp;me.jpg. you find your Shell Hier http://[PATH]/portals/0/dz4all.asp;me.jpg
Services By CQR