The Axiom 0.8.6 photo gallery (template.php) is vulnerable to remote file inclusion. An attacker can exploit this vulnerability by supplying a malicious file through the baseAxiomPath parameter of template.php. This allows the attacker to execute arbitrary code on the server.
This module exploits the buffer overflow in the LIST command of FileCopa FTP server versions prior to 18 Jul 2006, discovered by www.appsec.ch.
The uniForum version 4 (wbsearch.aspx) is vulnerable to remote SQL injection. An attacker can exploit this vulnerability by sending a specially crafted request to the wbsearch.aspx page. By manipulating the input parameters, an attacker can inject malicious SQL code into the application's database query, allowing for unauthorized access or manipulation of data.
The vulnerability exists due to a lack of proper sanitization of user-supplied input. An attacker can exploit this issue by sending a specially crafted request to retrieve arbitrary files in the context of the webserver process. This information can be used to launch further attacks.
MOTIONBORG Web Real Estate version 2.1 and below is vulnerable to remote SQL injection. An attacker can exploit this vulnerability to execute arbitrary SQL commands and gain unauthorized access to the database.
The vulnerability allows an attacker to execute arbitrary code on the target system by injecting a malicious file through the 'INC' parameter in various PHP scripts.
The SpamBam plugin for WordPress is vulnerable to a security bypass issue because client-accessible data can be used to calculate verification keys. Attackers can exploit this vulnerability by submitting arbitrary form data via automated scripts and distributing spam.
This exploit allows an attacker to execute arbitrary commands on the target system through the @lex Guestbook <= 4.0.2 application. By exploiting a local file inclusion vulnerability, the attacker can include a malicious skin file that contains the desired command to be executed. The exploit retrieves the administrator password, logs in as the administrator, adds a skin, and writes the malicious skin file. The command executed in this example is 'whoami', which returns the username 'darkfig'.
An attacker can bypass Fortinet Fortigate's URL filtering functionality by sending specially crafted HTTP requests terminated by the CRLF character, changing the HTTP version to 1.0 without sending the Host header, and fragmenting the GET and POST requests. This allows the attacker to view unauthorized websites and bypass certain security restrictions.
This is a practical pwnage exploit for Application (UN)Enhancer, also known as APU. The exploit involves patching certain opcodes in the binary file of the framework to gain unauthorized access and control. The exploit targets the ApplicationEnhancer.framework and ApplicationUnenhancer.framework.