Explore Vulnerabilities

Explore all Exploits:

SQL Injection in EL CMS

A SQL injection vulnerability was discovered in the Entry Level Content Management System (EL CMS). An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable web application. This can be done by appending malicious SQL queries to the vulnerable parameter in the URL. This can allow an attacker to gain access to the database and extract sensitive information.

IMEDIA (index.php) SQL Injection Vulnerability

IMEDIA (index.php) SQL Injection Vulnerability is a vulnerability that allows an attacker to inject malicious SQL code into an application, allowing them to access, modify, or delete data from the database. This vulnerability was discovered by Kannibal615 in 2010 and affects all versions of the software. The exploit is triggered by using a specially crafted DORK (Powered by: Con-Imedia) and sending a malicious HTTP request to the target. The malicious code is then executed, allowing the attacker to gain access to the database.

DBCart (article.php) SQL Injection Vulnerability

A vulnerability exists in DBCart ONLINE SHOPPING APPLICATION, which allows an attacker to inject arbitrary SQL commands. An attacker can exploit this vulnerability by sending a specially crafted SQL query to the vulnerable application using the 'id' parameter. This can result in the manipulation of the underlying database and the disclosure of sensitive information.

Palo Alto Network Vulnerability – Cross-Site Scripting (XSS)

A Stored Cross-Site Scripting (XSS) vulnerability was found within the Palo Alto interface. By crafting a URL that includes XSS code, it is possible to inject malicious data, redirect the user to a bogus replica of the real website, or carry out other nefarious activity.

Web Administration Broken Access Control in McAfee Email Gateway (formerly IronMail)

IronMail was found to allow Web Access users to execute arbitrary actions with Write rights, due to an improper profile check.

Google Chrome 4.1.249.1059 Cross Origin Bypass in Google URL (GURL)

The Google URL Parsing Library (aka google-url or GURL) in Google Chrome before 4.1.249.1064 allows remote attackers to bypass the Same Origin Policy via CHARACTER TABULATION or other escape characters inside a javascript: protocol string.

Battle Scrypt Shell Upload Vulnerability

A remote file upload vulnerability exists in Battle Scrypt, which allows an attacker to upload a malicious file to the server. The attacker can then reach the uploaded file at the URL /images/uploads/[id].php. This vulnerability can be exploited by using the dork 'Powered by Battle Scrypt' or inurl:upload.php.

Recent Exploits: