At the following URL as a student, http://server/blog/external_blog_edit.php, it is possible to remotely add an rss blog. The <link> parameter in an rss feed is vulnerable to javascript injection. This blog post is viewable by everyone on moodle and you can link to it directly. Upon clicking the "Link to original blog entry" link, you get javascript execution. In moodle the "sesskey" parameter holds the session key used to prevent csrf, this isn't unique for every form once logged in so many forms can be submitted using this item. It is available on every page which makes xss quite dangerous in this case. Using a link value of <link>javascript:prompt(document.domain);</link>, this will display a demonstrative prompt as expected. For a live example you can remotely include my blog rss feed. http://makthepla.net/Rss/ My moodle blog post has a <link> value of the foll
Plume CMS is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows the attacker to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.
MKPortal is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid in further attacks.
This issue allows remote attackers to crash the application, denying further service to legitimate users.
Softbiz Dating Script is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
Proof of concept overwrites the win.ini file
The V3 Chat Instant Messenger is vulnerable to multiple cross-site scripting and SQL-injection vulnerabilities. These vulnerabilities occur due to a lack of proper input sanitization. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of a victim user, potentially leading to the theft of authentication credentials and other attacks. Additionally, successful exploitation can result in the compromise of the application, unauthorized access or modification of data, and exploitation of underlying database vulnerabilities.
The V3 Chat Instant Messenger is prone to multiple cross-site scripting and SQL-injection vulnerabilities due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of an unsuspecting user, steal authentication credentials, and launch other attacks. Additionally, an attacker can compromise the application, access or modify data, and exploit vulnerabilities in the underlying database implementation.
The V3 Chat Instant Messenger application is vulnerable to multiple cross-site scripting (XSS) and SQL injection vulnerabilities. These vulnerabilities occur due to insufficient input sanitization, allowing an attacker to inject malicious script code or SQL queries.
The Singapore Gallery application fails to properly sanitize user-supplied input, leading to directory traversal and cross-site scripting vulnerabilities. An attacker can exploit the directory traversal vulnerabilities to retrieve arbitrary files from the vulnerable system. The cross-site scripting vulnerability allows an attacker to execute arbitrary script code in the browser of an unsuspecting user, potentially leading to the theft of authentication credentials and other attacks.
Services By CQR