The vulnerability exists due to insufficient filtering of user-supplied input in the 'playid' parameter of the '/wp-content/plugins/contus-hd-flv-player/process-sortable.php' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in the application's database, because the script passes unsanitized input to the 'mysql_query()' function. This can be exploited to disclose sensitive information, modify data, compromise the system, etc.
A vulnerability in ActualAnalyzer Server <=8.23 allows remote attackers to include arbitrary files via a URL in the rf parameter to direct.php.
The file claroline/auth/extauth/drivers/ldap.inc.php uses the variable clarolineRepositorySys in an include() call without it having been declared. Other files in the same folder are vulnerable as well, but this exploit only targets ldap.inc.php. The file claroline/auth/extauth/casProcess.inc.php is also vulnerable: it uses claro_CasLibPath in an include() call, and that variable is not declared either, so it is likewise exposed to remote file inclusion (RFI).
The file dokeos/claroline/auth/ldap/authldap.php uses the variable includePath in an include() call without it having been declared. This issue has already been fixed in the current claroline.net version, but dokeos still ships a vulnerable version.
A remote file inclusion vulnerability exists in EQdkp <= 1.3.0. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing a malicious URL in the eqdkp_root_path parameter of the /includes/dbal.php script. This can allow the attacker to execute arbitrary code on the vulnerable system.
A Remote File Inclusion (RFI) vulnerability exists in ACal 2.2.6. An attacker can exploit this vulnerability by sending the vulnerable application a URL that points to a file hosted on a remote server under the attacker's control. When the vulnerable application processes that URL, the remote file is included and executed on the vulnerable system.
Input passed via multiple parameters in multiple scripts is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
The file jetbox/includes/phpdig/includes/config.php uses the variable relative_script_path in an include() call without it having been declared. This issue has already been fixed in phpdig, but jetbox still ships a vulnerable version.
TimThumb is an image resizing utility, widely used in many WordPress themes. It is prone to a Remote Code Execution vulnerability because the script does not properly validate remotely cached files. By crafting a special image file with a valid MIME type and appending PHP code to the end of it, it is possible to fool TimThumb into treating it as a legitimate image, so that it caches the file locally in the cache directory.
PHPFusion is a lightweight open-source content management system (CMS) written in PHP. It utilises a MySQL database to store site content and includes a simple, comprehensive administration system. This vulnerability allows an attacker to upload an arbitrary file and execute it on the server, as well as include local files on the server. This vulnerability affects PHPFusion v6.00.306, v6.00.207, and v6.00.110.