This exploit allows an attacker to execute arbitrary commands on a vulnerable MiNBank 1.5.0 system. The vulnerability exists due to the allow_url_include and register_globals settings being enabled, which allows an attacker to inject malicious code into the vulnerable application. The exploit requires the attacker to have access to a web server to host the malicious code.
A SQL injection vulnerability exists in the showplugs.php script of Smartplugs 1.3. An attacker can exploit this vulnerability to gain access to the user and admin credentials by sending a specially crafted HTTP request to the showplugs.php script.
Gnat-TGP version 1.2.20 and prior are vulnerable to a remote file include vulnerability. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. This can allow the attacker to execute arbitrary code on the server.
A vulnerability exists in Dosya Yukle Scrtipi v1.0, which allows an attacker to upload malicious files to the server. An attacker can exploit this vulnerability by sending a malicious file to the server via http://127.0.0.1/dosyayukle/dosyalar/ch99.php. This will allow the attacker to gain access to the server and execute arbitrary code.
The vulnerability exists in the 'index.php' script of Uiga Church Portal, which allows an attacker to inject arbitrary SQL commands via the 'id' parameter in the 'view=read' module.
This exploit is a perl script which uses Net::SSH2 module to connect to a remote host and execute a reverse shell TCP payload. The payload is a x86/alpha_mixed shellcode of size 692. The exploit is tested on Windows XP SP2 EN.
Mozilla Firefox is a popular internet browser. This bug is a typical result when attacker try to write plenitude String in document.write() function. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page.
A SQL injection vulnerability exists in the contact.php page of my little forum, which allows an attacker to execute arbitrary SQL commands via the 'id' parameter. An example exploit is http://site.com/forum/contact.php?id=-11111111'+union+select+1,2,concat(user_name,0x3a,user_pw),4,5+from+forum_userdata+where+user_id=1--+
A vulnerability exists in Uploadify Sample Collection, which allows an attacker to upload a malicious shell to the vulnerable server. The attacker can then execute arbitrary code on the server.
A vulnerability in PHP Advanced Transfer Manager v1.10 allows an attacker to upload a malicious shell to the vulnerable server. The vulnerability exists due to insufficient validation of user-supplied input in the 'register.php' and 'index.php' scripts. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing a malicious shell to the vulnerable server. Successful exploitation of this vulnerability can result in arbitrary code execution on the vulnerable server.
Services By CQR