Explore all Exploits:

Joomla (com_avosbillets) SQL injection Vulnerability

A vulnerability in Joomla's com_avosbillets component allows an attacker to inject arbitrary SQL commands via the 'id' parameter in the 'view' task. This can be exploited to gain access to the database and extract sensitive information such as usernames and passwords.

IntelliTamper 2.07/2.08 (SEH) Remote Buffer Overflow

IntelliTamper 2.07/2.08 is vulnerable to a remote buffer overflow that is triggered when a maliciously crafted HTML file is opened in the application. This can lead to arbitrary code execution on the vulnerable system. The exploit code is written in Python and contains a payload that executes calc.exe.

jQuery uploadify v2.1.0 Remote File Upload

The FileFilter class is used to indicate what files on the user's system are shown in the file-browsing dialog box that is displayed when the FileReference.browse() method is called; a user can simply bypass this filter by typing the malicious file name and path into the file browser dialog box rather than navigating to the file and choosing it.

Exploit:
#1: Upload your file, i.e. (shell.php)
#2: Retrieve the 'folder' parameter passed to the uploadify jQuery function from the head of the page source code, i.e. ('folder': 'files/',)
#3: Navigate to your file, i.e. (http://site/files/shell.php)

IntelliTamper HTML Injection Vulnerability

This vulnerability allows an attacker to inject malicious HTML code into a vulnerable web page. The vulnerability is caused by insufficient input validation of user-supplied data. An attacker can exploit this vulnerability by sending a specially crafted request containing malicious HTML code to the vulnerable web page. This code will be executed in the context of the vulnerable web page, allowing the attacker to gain access to sensitive information or perform malicious actions.

Blog System Exploit

A SQL injection vulnerability exists in Blog System 1.x. An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable application. The crafted request contains a malicious SQL query in the 'user' parameter of the 'blog.php' script. This can allow an attacker to extract sensitive information from the database, such as usernames and passwords.

SHOUTcast Server Version <= 1.9.8/win32 Cross Site Request Forgery

A Cross Site Request Forgery vulnerability exists in SHOUTcast Server Version <= 1.9.8/win32. An attacker can exploit this vulnerability by sending a malicious request to the vulnerable server. This malicious request can be used to ban a single IP or a whole subnet. The malicious request can be sent to the vulnerable server using the following URLs:

Ban Single IP: http://[URL]:8000/admin.cgi?mode=banip&ip1=[p1]&ip2=[p2]&ip3=[p3]&ip4=[p4]&banmsk=255
Ban Whole Subnet: http://[URL]:8000/admin.cgi?mode=banip&ip1=[p1]&ip2=[p2]&ip3=[p3]&ip4=0&banmsk=0

Joomla (com_book) SQL injection Vulnerability

Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability to manipulate SQL queries by injecting arbitrary SQL code. This may allow the attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

Recent Exploits: