
Explore Vulnerabilities


Explore all Exploits:

Joomla Component user_id com_sqlreport Blind SQL Injection Vulnerability

This exploit targets a blind SQL injection vulnerability in the Joomla Component user_id com_sqlreport. The flaw lets an attacker inject malicious SQL code into the vulnerable application and have it executed. The exploit is a Perl script that sends a malicious request to the vulnerable application and extracts the results. The script can be used to extract data from the database, such as usernames and passwords.

Top Auktion SQL Injection news.php

A SQL injection vulnerability exists in the Top Auktion web application. An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable application. The request contains malicious SQL statements that are executed in the backend database. The malicious SQL statement can be used to extract sensitive information from the database, such as user credentials, or to modify the data stored in the database.

Php Auktion Pro SQL Injection news.php

A SQL injection vulnerability exists in the Php Auktion Pro script. An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable application with the malicious payload in the 'id' parameter. The malicious payload can be either 'null+union+select+1,2,convert (password using utf8),4,5+from+users#' or 'null+union+select+1,2,concat (name,0x3a,password),4,5+from+users#'.

iPhone – FTP Server (WiFi FTP) by SavySoda DoS/PoC

The server doesn't crash at all, but after exploiting it, you can't see (list) your files anymore. You must close the app and open it again. Then you'll see that the app starts as if it were freshly installed and your files are gone.

Joomla com_ice Remote Blind Injection Vulnerability

This exploit targets a blind SQL injection vulnerability in Joomla's com_ice component. It allows an attacker to extract usernames and passwords from the Joomla database. The exploit works by sending a series of requests to the vulnerable URL, each of which contains a different SQL query. The response time of the server is then used to determine the result of the query.

Softbiz Jobs CSRF Vulnerability

Softbiz Jobs is vulnerable to Cross-Site Request Forgery (CSRF) attacks. An attacker can exploit this vulnerability by crafting a malicious HTML page that contains an image tag with a specially crafted URL. When a logged-in administrator visits the malicious page, the browser requests the URL in the context of the administrator's session, allowing the attacker to delete the registered user.

Easy FTP Server 1.7.0.2 Remote BoF

Easy FTP Server 1.7.0.2 is vulnerable to a buffer overflow attack. The vulnerability exists in the CWD command, to which an attacker can send a malicious payload of 272 bytes. The payload contains a NOP sled followed by shellcode and a return address. The shellcode executes calc.exe on the target machine. The vulnerability was discovered by athleet and was tested on Windows XP SP3 (Eng).

Chasys Media Player 1.1 (.mid) Local Buffer Overflow

Chasys Media Player 1.1 is vulnerable to a local buffer overflow when processing .mid files. An attacker can exploit this vulnerability by crafting a malicious .mid file and sending it to the target system. When the malicious .mid file is opened on the target system, the attacker can execute arbitrary code on that system.

Recent Exploits: