A SQL injection vulnerability exists in the Joomla component com_acprojects. An attacker can exploit this vulnerability to gain access to the database and execute arbitrary SQL commands. The vulnerability is due to the lack of proper input validation in the "page" parameter of the "index.php" script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with a malicious SQL statement to the vulnerable script.
A vulnerability exists in the Joomla component com_acstartseite, which allows an attacker to inject malicious SQL queries into the application. The vulnerability is triggered when the application fails to properly sanitize user-supplied input before using it in an SQL query. An attacker can exploit this vulnerability by crafting a malicious SQL query and sending it to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database, such as usernames and passwords.
The Limny 2.0 CMS is vulnerable to a Cross-Site Request Forgery exploit that allows a malicious attacker to create their own administrator user. By crafting a simple hidden-form webpage with a simple JavaScript form auto-submitter hidden inside an iframe, an attacker is able to add their own administrator-privileged user.
The Limny 2.0 CMS is vulnerable to a Cross-Site Request Forgery exploit that allows a malicious attacker to change the password and email address of any user, including the administrator.
An attacker can exploit this vulnerability by registering on the website, then uploading a malicious shell file to the server. The malicious file can then be accessed from the 'uploads/usermusic/' directory.
An SQL injection vulnerability exists in the Mambo Component com_acnews, which allows an attacker to inject malicious SQL queries into the application. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is caused by improper sanitization of user-supplied input in the 'id' parameter of the 'index.php' script.
It was found that 'pogodny CMS' does not properly validate the 'id' parameter value.
This exploit is used to launch a denial-of-service attack against the FTP On The Go 2.1.2 application running on Apple iPhone/iPod devices. The exploit sends a malicious HTTP request to the application's web server, which causes the server to crash and become unresponsive.
A buffer overflow vulnerability exists in Easy~Ftp Server v1.7.0.2 when sending an overly long MKD command. This can be exploited to cause a stack-based buffer overflow by sending a specially crafted MKD command with an overly long string. This may allow an attacker to execute arbitrary code on the vulnerable system.
This exploit targets a remote denial-of-service (DoS) vulnerability in the My DBLite Edition application for Apple iPhone/iPod. The vulnerability is triggered when a malicious user sends a specially crafted DELE command containing a large number of '$A$A$A' characters to the application's FTP server on port 29161. This causes the application to crash, resulting in a denial of service.