The vulnerability in the source code viewer in both browsers (IE & Opera) is when they are processing the null control character (0×00), including this character in the transmission message results in a misunderstanding that is reflected in the concealment of the transmitted message, only the code that is between valid tags is shown. In other words, exploiting this vulnerability we can completely hide the source code to the user of Internet Explorer and Opera browsers.
A vulnerability exists in AuroraGPT V4 which allows an attacker to execute arbitrary code on the vulnerable system. The vulnerability is due to the application not properly sanitizing user-supplied input. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. This will allow the attacker to execute arbitrary code on the vulnerable system.
An attacker can exploit this vulnerability by sending a crafted SQL query to the vulnerable application. The attacker can use the UNION operator to append the results of a query to the vulnerable application's own query and extract information from the database.
Trellian FTP Client PASV BOF exploit is a buffer overflow vulnerability in Trellian FTP Client v 3.01. It allows an attacker to execute arbitrary code on the vulnerable system by sending a malicious PASV command. The exploit acts as a fake FTP server that passes the vulnerable PASV command when a client connects.
A Local File Inclusion (LFI) vulnerability exists in the Joomla Component TRAVELbook version 1.0.1. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. This can allow the attacker to include a file from the local system, such as the /etc/passwd file, and view its contents.
A local file inclusion vulnerability exists in com_alphauserpoints version 1.5.5. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to include a file from a remote server that contains malicious code, which can be executed on the vulnerable system.
A local file inclusion vulnerability exists in the com_spsnewsletter component of Joomla. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable server. This request contains a maliciously crafted parameter which can be used to include arbitrary files from the server. This can be used to gain access to sensitive information such as passwords and other confidential data.
A Blind SQL Injection vulnerability exists in the com_rokmodule version 1.1 component for Joomla. An attacker can send a specially crafted HTTP request containing a malicious SQL query to the vulnerable component, which can be used to extract information from the database.
A local file inclusion vulnerability exists in com_preventive version 1.0.5, a Joomla component. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing directory traversal sequences (e.g. '../') to the vulnerable application. This can allow the attacker to include and execute arbitrary local files on the vulnerable system.
A Local File Inclusion (LFI) vulnerability exists in the Joomla Component JProject Manager version 1.0. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. This request contains a maliciously crafted parameter value which is then used to include a file from the local file system of the vulnerable server. This can be used to gain access to sensitive information or to execute arbitrary code on the vulnerable server.
Services By CQR