
Explore Vulnerabilities


Explore all Exploits:

SmartSite CMS <= 1.0 Remote File Inclusion

A vulnerability exists in SmartSite CMS version 1.0 and earlier, which allows remote attackers to include arbitrary files via a URL in the root parameter to include/inc_foot.php. This can be exploited to execute arbitrary PHP code by including a URL pointing to a PHP script.

dotProject <= 2.0.3 Remote File Inclusion

dotProject is vulnerable to a remote file inclusion vulnerability. This vulnerability is due to a failure in the application to properly sanitize user-supplied input to the 'baseDir' parameter of the 'db_adodb.php' script. An attacker can exploit this vulnerability to execute arbitrary PHP code on the vulnerable system with the privileges of the webserver process.

UPB Vulnerability

A vulnerability in the UPB (Universal Power Board) software allows an attacker to bypass authentication and gain access to the system. This vulnerability is due to the use of a weak encryption algorithm in the authentication process. The encryption algorithm used is a simple XOR operation, which can be easily reversed. By reversing the XOR operation, an attacker can gain access to the system without authentication. The vulnerability affects versions 1.8.2 and 1.9.6 of the UPB software.

ASP Stats Generator SQL-ASP injection – Code Execution

The following URL triggers an SQL injection vulnerability in pages.asp: http://localhost/myasg/pages.asp?order='&mese=1. Input passed to strAsgSknPageBgColour (and ...) in 'settings_skin.asp' isn't properly sanitised before being stored in 'inc_skin_file.asp'. This can be exploited to inject arbitrary ASP code.

SQL injection WeBBoA Host Script v1.1

An attacker can exploit a SQL injection vulnerability in WeBBoA Host Script v1.1 to gain access to sensitive information. By sending a specially crafted HTTP request to the vulnerable application, an attacker can execute arbitrary SQL commands in the back-end database. This can be used to access or modify data in the back-end database, or to gain access to the underlying file system and operating system.

INDEXU Remote File Include

INDEXU v5.0.1 is vulnerable to remote file inclusion due to the vulnerable code include($admin_template_path."msg.php"); which allows an attacker to include a remote file on the web server. The vulnerable files in the admin folder are: app_change_email.php, app_change_pwd.php, app_mod_rewrite.php, app_page_caching.php, app_setup.php, cat_add.php, cat_delete.php, cat_edit.php, cat_path_update.php, cat_search.php, cat_struc.php, cat_view.php, cat_view_hidden.php, cat_view_hierarchy.php, cat_view_registered_only.php, checkurl_web.php, db_alter.php, db_backup.php, db_alter_change.php, db_export.php, editor_add.php, db_import.php, editor_delete.php, editor_validate.php, head.php, inv_config.php, inv_create.php, inv_delete.php, inv_edit.php, inv_config_payment.php, inv_markpaid.php, inv_markunpaid.php, inv_overdue.php, inv_paid.php, inv_send.php, inv_unpaid.php, index.php, lang_modify.php, link_add.php, link_bad.php, link_bad_delete.php, link_checkurl.php, link_delete.php, link_duplicate.php, link_edit.php, link_premium_listing.php, link_premium_sponsored.php, link_search.php, link_sponsored_listing.php, link_validate.php, link_validate_edit.php, link_view.php, log_search.php, mail_modify.php, menu.php, message_create.php, message_delete.php, message_edit.php, message_send.php, message_subscriber.php, message_view.php, review_validate.php, review_validate_edit.php, summary.php, template_delete.php, template_delete_file.php, template_duplicate.php, template_active.php, template_add_custom.php, template_export.php, template_import.php, template_manager.php, user_search.php, user_add.php, user_delete.php, user_edit.php, user_group_add.php, user_group_delete.php, user_group_edit.php, user_group_view.php, user_view.php

Ad Manager Pro 2.6 Remote File Include Vulnerability

Ad Manager Pro 2.6 is vulnerable to a Remote File Include vulnerability. This vulnerability is due to the 'ad.php' and 'common.php' files not properly sanitizing user input supplied to the 'ipath' parameter. An attacker can exploit this vulnerability by supplying a malicious URL to the 'ipath' parameter. This can allow the attacker to execute arbitrary code on the vulnerable system.

Recent Exploits: