This exploit allows an attacker to execute arbitrary commands on the target server through a directory traversal vulnerability in the 'template' argument. The exploit uploads a .jpg file with malicious EXIF metadata which is evaluated as PHP code. It also installs a backdoor on the target server called 'config.dist.php'.
SaphpLesson 2.0 is vulnerable to a SQL injection vulnerability. An attacker can exploit this vulnerability to gain access to the administrator's username and password hash. The attacker can send a specially crafted HTTP request to the vulnerable application, which will then return the administrator's username and password hash.
Pentacle In-Out Board version 6.03 and prior is vulnerable to an authentication bypass vulnerability. An attacker can exploit this vulnerability by sending a specially crafted HTTP POST request to the login.asp page with a username of 'any' and a userpassword of 'or '1'='1'. This will bypass the authentication and allow the attacker to gain access to the application.
Pentacle In-Out Board version 6.03 is vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability to gain access to the administrative panel of the application. The vulnerability exists in the 'newsdetailsview.asp' page, where the 'newsid' parameter is not properly sanitized before being used in an SQL query. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable page.
This exploit allows an attacker to execute arbitrary commands on a vulnerable iGENUS WebMail server. The vulnerability exists due to the use of register_globals and allow_url_fopen in PHP5. An attacker can use a specially crafted URL to execute arbitrary commands on the vulnerable server.
Lansuite 2.10 is vulnerable to a remote SQL injection vulnerability. This vulnerability allows an attacker to execute arbitrary SQL commands on the vulnerable system. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'fid' parameter of the 'index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL commands to the vulnerable system.
This module exploits a vulnerability in Safari's 'Safe file' feature, which will automatically open any file with one of the allowed extensions. This can be abused by supplying a zip file, containing a shell script, with a metafile indicating that the file should be opened by Terminal.app. This module depends on the 'zip' command-line utility.
This exploit is a Denial of Service (DoS) vulnerability in PunBB 2.0.10. It allows an attacker to send a malicious HTTP request to the target server, causing it to crash. The exploit is written in C and can be used on both Windows and Linux systems.
This exploit allows an attacker to execute arbitrary commands on a vulnerable Geeklog 1.* installation. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'loginname' and 'passwd' parameters of the 'users.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with a malicious PHP code in the 'gl_session' cookie. This will cause the vulnerable script to execute arbitrary commands with the privileges of the web server.
MiniNuke CMS System all versions is vulnerable to SQL injection via the pages.asp file. An attacker can exploit this vulnerability to gain access to the database and extract sensitive information such as usernames and passwords.
Services By CQR