This 0day is kickass from fl0 fl0w a.k.a. Stefan! Run calc.exe or bind port and hack, fuck antisecurity. Thanks to George Nicolaou, one of the best there is!
A SQL injection attack consists of the insertion or 'injection' of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutting down the DBMS), recover the content of a given file present on the DBMS file system, and in some cases issue commands to the operating system. Cross-Site Scripting attacks are a type of injection problem in which malicious scripts are injected into otherwise benign and trusted web sites. Cross-site scripting (XSS) attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser-side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user in the output it generates without validating or encoding it.
A SQL injection vulnerability exists in YES SOLUTIONS that allows an attacker to inject malicious SQL queries into the vulnerable web application. The vulnerable parameter is the ‘id’ parameter, which can be exploited by sending malicious SQL queries to the application. These queries can be used to extract sensitive information from the database, such as usernames and passwords.
Newsletter Tailor is vulnerable to an authentication bypass vulnerability due to improper sanitization of user-supplied input. A remote attacker can exploit this vulnerability to bypass authentication and gain access to the application.
A vulnerability exists in Newsletter Tailor, a powerful Newsletter/Mass Mailer script with a built-in FTP client and WYSIWYG editor, which allows an attacker to download the database backup from the target website. The vulnerability is due to the lack of authentication and authorization checks in the download.php file, which allows the backup.sql file to be downloaded without any authentication. The backup.sql file can be accessed at the URL http://[target].com/[path]/admin/download/backup.sql and can be downloaded through the URL http://[target].com/[path]/admin/download/download.php?file=backup.sql.
LDAP Injection is an attack technique used to exploit web applications that construct LDAP statements based on user input. An attacker can use LDAP injection to bypass authentication and to access, modify and delete data within the LDAP tree.
fipsForum v2.6 is vulnerable to remote database disclosure. An attacker can access the database directly by sending a request to the vulnerable URL. This can lead to the disclosure of sensitive information such as usernames, passwords, and other confidential data.
The vulnerability exists due to insufficient filtering of user-supplied input in the 'Id' parameter of the 'newsletter.php' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in the application's database, gain access to sensitive data, modify data, etc.
The vulnerability is in the handling of $_GET['p']: index.php includes '/pages/'.$_GET['p'].'.php', so we can read any file on the server.
A Cross-site Scripting (XSS) vulnerability exists in TinyMCE, a JavaScript-based WYSIWYG editor, due to improper validation of user-supplied input. An attacker can leverage this vulnerability to execute arbitrary HTML and script code in a user's browser session in the context of the affected site. This vulnerability affects TinyMCE versions prior to 3.4.9.1, and is addressed in version 3.4.9.1.