A vulnerability exists in JE Tooltip (component and plugin) version 1.0, which allows an attacker to include a local file via a specially crafted URL. An attacker can exploit this vulnerability by sending a malicious URL to an unsuspecting user. The malicious URL contains a parameter that is used to include a local file. This can lead to the disclosure of sensitive information.
DirectAdmin is a graphical web-based web hosting control panel designed to make administration of websites easier. Here, three proof-of-concepts (POCs) are listed which can be used to add/delete subdomains and emails. The POCs use a hidden form with the action set to the CMD_SUBDOMAIN or CMD_EMAIL_POP URL, and the action set to create/delete. The user must set the proper name instead of selectX, for example if the subdomain is at number 2 in the list, it should be set to select1.
A SQL injection vulnerability exists in phpscripte24 Preisschlacht Liveshop System, which allows an attacker to execute arbitrary SQL commands via the 'seite' and 'aid' parameters in the 'index.php' script.
The STOR command will crash the server and overwrite a few interesting CPU registers. Other commands that will gives similar results are: CD / MKD / RMD They all overwrite SEH in the same manner as the STOR command. During our research, we discovered many other DoS possibilities. These character combinations (%s & %n like DELE) are pretty good at crashing this application.
eDisplay Personal FTP server 1.0.0 is vulnerable to a pre-authentication denial of service attack. By sending a specially crafted FTP request containing a large number of '%s' characters, an attacker can cause the application to crash.
The Quality Point 1.0 NewsFeed is vulnerable to SQL injection and XSS attacks. An attacker can exploit the vulnerability by sending a malicious SQL query to the showPage.php page with the id parameter. The malicious query will be executed in the database and the attacker can gain access to sensitive information. An attacker can also exploit the XSS vulnerability by sending a malicious script to the showPage.php page with the id parameter. The malicious script will be executed in the browser and the attacker can gain access to sensitive information.
SOFTSAURUS 2.01 is vulnerable to multiple remote file include vulnerabilities. An attacker can exploit these vulnerabilities to execute arbitrary code on the vulnerable system. The vulnerable files are wallpapers.php, subHeader.php and objects_path. An attacker can exploit these vulnerabilities by sending a maliciously crafted HTTP request containing a URL-encoded path to a remote file that can be included and executed on the vulnerable system.
Nensor CMS 2.01 is vulnerable to Local File Inclusion and Authentication Bypass. An attacker can exploit these vulnerabilities to gain access to sensitive information and execute arbitrary code on the server.
A Blind SQL Injection vulnerability exists in phpscripte24 Niedrig Gebote Pro Auktions System II, which allows an attacker to extract sensitive information from the database. This can be exploited by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable script. This can be used to extract the username and password from the database.
A vulnerability exists in the way Crimson Editor reads file types from within configuration files and can be exploited, by malicious people, to compromise a vulnerable system. Successful exploitation of this vulnerability allows an attacker to execute arbitrary code, by tricking a user into using a maliciously constructed configuration file (cedt.cfg). This vulnerability is confirmed in Crimson Editor version 3.70.
Services By CQR