This exploit is used to gain access to the database of a website using the com_jembed component. It uses a blind SQL injection technique to extract the username and password of the website from the jos_users table. The exploit takes the URL of the website as an argument and then uses the length of the response to determine if the query is true or false.
The vulnerability allows an attacker to download the database of the application by accessing the db_backup.php file. The attacker can then search for the admin credentials.
An attacker can exploit this vulnerability to gain access to the admin login credentials.
Erolife AjxGaleri VT is prone to a database disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks.
This exploit is a buffer overflow vulnerability in Novell eDirectory 8.8 SP5. It allows an attacker to execute arbitrary code on the vulnerable system by sending a specially crafted request to the vulnerable server. The exploit was discovered by His0k4 & Simo36 in 2010 and affects Windows XP SP3.
This exploit allows a remote attacker to execute arbitrary code on a vulnerable system. The vulnerability exists in the IEHelper ActiveX control, which is used by FlashGet 3.x. By setting the 'TestObj' object's classid to a specific CLSID, an attacker can execute arbitrary code on the vulnerable system.
A proof-of-concept exploit for a local crash vulnerability in GOM Audio was published in 2010. The exploit creates a file named 'poc.cda' and writes 10 'A' characters to it, which causes the application to crash.
A vulnerability exists in MobPartner Counter which allows an attacker to upload a malicious file to the server. The malicious file can be uploaded by editing the shell.php.pgif file and then accessing it via the upload.php page. This can allow an attacker to gain access to the server.
VP-ASP Shopping Cart 7.0 is vulnerable to a database download vulnerability. An attacker can download the database by accessing the URL http://127.0.0.1/vpasp/database/shopping700.mdb. The database contains user and password information in the 'tbluser' table.
PHPDug version 2.0.0 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript code into the 'id' parameter of the 'upcoming.php' script. This malicious code will be executed in the browser of the victim when the vulnerable page is accessed.
Services By CQR