This vulnerability allows an attacker to bypass authentication and gain access to the admin panel of the WSC CMS. By entering 'or' as the password, the attacker can bypass the authentication and gain access to the admin panel.
Input passed via the 'page' parameter to index.php is not properly sanitised before being used in a SQL query and it is possible to get sensitive information using for example Time-Base Blind SQL Injection attacks.
A Cross-Site Request Forgery (CSRF) vulnerability exists in phpAutoVideo, which allows an attacker to change the admin password by sending a malicious request. The malicious request contains a hidden form with the parameters 'admintype' set to 'changepass', 'passworda' and 'passwordb' set to 'z3r0'. When the victim visits the malicious page, the form is automatically submitted and the admin password is changed.
A buffer overflow vulnerability exists in Easy~Ftp Server v1.7.0.2 (HTTP) which could allow a remote attacker to execute arbitrary code on the vulnerable system. Authentication is not required to exploit this vulnerability. The vulnerability is due to a boundary error when handling HTTP requests. An attacker could exploit this vulnerability by sending a specially crafted HTTP request containing an overly long string to the vulnerable server. This may allow the attacker to execute arbitrary code on the vulnerable system.
This exploit is used to crash the FileApp application on Iphone 3GS with 3.1.2 firmware. The exploit sends a large amount of data to the application's port 2121, causing it to crash and return to the SpringBoard.
There's a file called jsloader.php which takes an array of file names from the HTTP GET parameters and calls include() on every one of them. The problem is that the only protection is the is_file() call (therefore it cannot be used for remote file inclusion), so it's trivial to exploit this vulnerability to execute the PHP interpreter on any file on the target system the httpd user can read.
The cgi script doesn't show the command output *blind command execution ;)*. Vulnerable functions in gitweb.cgi: git_snapshot(), git_search(), git_object(). An example exploit URL is http://server/cgi-bin/gitweb.cgi?p=sample.git/.git;a=object;f=program.c;h=e69de29bb2d1d6434b8b29ae775ad8c2e48c5391|`touch$IFS/tmp/file.txt`|;hb=9adaf5b35bb6415497d23f089660567227ea3785
CubeCart is vulnerable to a SQL injection vulnerability in the index.php file. This vulnerability allows an attacker to execute arbitrary SQL commands on the vulnerable system. The vulnerability is due to the lack of proper sanitization of user-supplied input in the "productId" parameter. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL commands.
An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable application. The attacker can use the ‘controller’ parameter to inject malicious code into the application. This code can be used to read sensitive files from the server.
A buffer overflow vulnerability exists in iTunes 9.0 when handling .pls files. An attacker can exploit this vulnerability by crafting a malicious .pls file and convincing the user to open it, resulting in arbitrary code execution.
Services By CQR