Explore Vulnerabilities

Explore all Exploits:

Opencourrier 2.03beta (RFI/LFI) Multiple File Include Vulnerability

The vulnerability is caused by the use of user-supplied input without proper validation. This can be exploited to include arbitrary local or remote files by passing malicious parameters to the vulnerable script.

OpenCominterne 1.01 Local File Include Vulnerability

OpenCominterne 1.01 is vulnerable to a local file include vulnerability, which allows an attacker to include a file from the local system or a remote system. An attacker can exploit it to gain access to sensitive information or to execute malicious code on the vulnerable system.

WebEssence 1.0.2 Multiple Vulnerabilities

WebEssence 1.0.2 is vulnerable to Cross-Site Scripting (XSS), Remote Shell Upload and Remote Blind SQL Injection. An unprivileged registered user can upload any PHP or ASP file, which can then be found in 'uploads/other/'. An attacker can inject a remote HTML page in the 'url' variable. An attacker can also use a Blind SQL Injection attack to extract the username and MD5 password of the admin user.

TR Forum 1.5 insert admin CSRF Vulnerability

A CSRF vulnerability exists in TR Forum 1.5, which allows an attacker to insert an admin user by sending a maliciously crafted request. The attacker can craft a malicious HTML page containing a form with the necessary parameters to add an admin user, and then send it to a victim. When the victim visits the page, the form will be automatically submitted, and the attacker will gain admin access to the forum.

Invision power board 0-day denial of service 2

This exploit allows an attacker to send a large number of requests to a server running Invision Power Board, resulting in a denial of service. The exploit is written in Perl and works on all versions of Invision Power Board. It can be used to DoS the whole server.

phpegasus (fckeditor) Remote Arbitrary File Upload Exploit

A vulnerability exists in phpegasus (fckeditor) which allows an attacker to upload arbitrary files to the server. The 'Enabled' parameter in the config.php file is set to true by default, which allows an attacker to upload a malicious file using the upload.php file. This can be exploited to execute arbitrary code on the server.

Recent Exploits: