A SQL injection vulnerability exists in WorldPay Script Shop (productdetail) which allows an attacker to inject malicious SQL queries via the 'id' parameter in the 'productdetail.php' script. An attacker can exploit this vulnerability to gain access to sensitive information such as usernames and passwords from the database.
An authentication bypass vulnerability exists in Simple Portal V2.0 due to improper validation of user-supplied input. An attacker can exploit this vulnerability to bypass authentication and gain access to the application.
The Acidcat CMS v 3.5 is vulnerable to multiple vulnerabilities, including directory traversal, SQL injection, and remote file inclusion. The vulnerable URLs are http://server/[dizin]/databases/acidcat_3.mdb and http://server/[dizin]/install.asp. The script is powered by Acidcat CMS v 3.5.1.f.
A remote SQL injection vulnerability exists in Joomla Bamboo Simpla Admin Template. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable application. This can allow the attacker to gain access to the application database and potentially compromise the application and its data.
An attacker can exploit this vulnerability by injecting malicious SQL code into the 'id' parameter of the 'firmapage.php' script. This can allow the attacker to access, modify, or delete data from the database.
Rezervi version 3.0.2 and prior are vulnerable to a Remote File Inclusion (RFI) vulnerability. This vulnerability is due to a failure in the application to properly sanitize user-supplied input to the 'root' parameter in the '/include/mail.inc.php' script. An attacker can exploit this vulnerability to include arbitrary remote files, allowing for the execution of arbitrary code on the vulnerable system.
A Blind SQL Injection vulnerability was discovered in the Joomla Component com_otzivi. An attacker can exploit this vulnerability to gain access to admin credentials.
A remote SQL injection vulnerability exists in the bridgeofhope component of Joomla. An attacker can exploit this vulnerability to execute arbitrary SQL commands on the underlying database server.
Live TV script is vulnerable to a remote SQL injection attack. An attacker can exploit this vulnerability by sending a malicious SQL query to the server via the 'mid' parameter in the 'index.php' file. This query can be used to extract sensitive information from the database, such as usernames and passwords.
In ordinary cases browser would redirect to 'http://www.google.com' but in this case browser will report error for something that should be possible and is possible on other browsers.
Services By CQR