
Explore Vulnerabilities

Explore all Exploits:

Joomla Component com_hezacontent SQL injection Vulnerability (id)

A SQL injection vulnerability exists in Joomla Component com_hezacontent. An attacker can send a specially crafted HTTP request containing malicious SQL statements to the vulnerable application in order to gain access to unauthorized information or to manipulate data. The vulnerable parameter is 'id' which can be exploited with the following payload: -1+union+all+select+1,2,3,4,5,6,concat_ws(0x3a,username,password),8,9,10,11,12,13,14,15,16,17,18+from+jos_users--

PHP File Sharing System 1.5.1 Multiple Vulnerabilities

The PHP File Sharing System 1.5.1 is vulnerable to XSS, directory traversal, shell upload through file upload, and request interception. An attacker can exploit these vulnerabilities by sending a malicious request to the server. The malicious request can be used to upload a PHP shell, traverse the directory structure, and intercept requests to delete system files.

Chaton <= 1.5.2 Local File Include Vulnerability

Chaton version 1.5.2 is vulnerable to a Local File Include vulnerability. The vulnerability is caused by improper validation of user-supplied input in the 'chat_lang' parameter of the 'deplacer.php' script. An attacker can exploit this vulnerability to include local files and execute arbitrary code on the vulnerable system.

TRIBISUR <= 2.0 Local File Include Vulnerability

TRIBISUR version 2.0 and below is vulnerable to a Local File Include vulnerability, which allows an attacker to include a local file on the web server. This can be exploited to gain access to sensitive information or to execute malicious code. The vulnerability exists due to insufficient sanitization of user-supplied input passed via the 'theme' parameter to the '/modules/hayoo/index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing directory traversal sequences and a malicious file name in the 'theme' parameter. This can result in the execution of arbitrary code on the vulnerable system.

DZ Auktionshaus “V4.rgo” (id) news.php SQL Injection

The vulnerability exists in the 'news.php' script, which allows an attacker to inject malicious SQL queries via the 'id' parameter. The exploit can be triggered by sending a crafted HTTP request to the vulnerable server, containing a malicious SQL query in the 'id' parameter. This can be exploited to extract sensitive information from the database, such as usernames and passwords.

Tod Miller Sudo local root exploit

This exploit allows a local user to gain root privileges by exploiting a vulnerability in Sudo versions 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4. The exploit creates a malicious script in the /tmp directory and uses the sudo command to execute it with root privileges. The malicious script contains commands to spawn a root shell.

Recent Exploits: