The vulnerability allows an attacker to execute arbitrary SQL queries on the target system, potentially gaining unauthorized access to sensitive information. The exploit involves manipulating the 'c_id' parameter in the 'news.php' file of dB Masters' Curium CMS version 1.03 or earlier. By injecting SQL code into the 'c_id' parameter, an attacker can bypass authentication and retrieve usernames and passwords from the 'cm_users' table.
This exploit allows an attacker to execute remote code on F3Site version 2.1. It requires an admin session and cookies prefix to work.
The Opera Web Browser is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials, change the browser's settings, and launch other attacks.
The vulnerability allows an attacker to include a remote file by manipulating the 'root_path' parameter in the 'poll.php' script. This can be exploited to execute arbitrary code on the server.
A vulnerability exists in all current versions of EQdkp that allows one to spoof their referring URL to gain access to an integrated class-1 MySQL Backup/Restore program which allows one to download and modify sensitive SQL data. The script only checks for authentication via referring URL from the administration control panel. From the EQdkp_USERS.sql file, the username/email and MD5 Hashed password can be obtained. From there, the password needs to be cracked.
The InterWorx application stores its data in a MySQL-database. For interaction with the database dynamic queries are used. These queries are created by concatenating strings from the application with user input. However, the application does not perform proper validation or escaping of the supplied input in the 'i' parameter when sorting user accounts in NodeWorx, Siteworx and Resellers. Malicious users with access to this functionality can manipulate database queries to achieve other goals than the developers had in mind.
This module exploits a vulnerability found in FreePBX version 2.9, 2.10, and 2.11. It's possible to inject arbitrary PHP functions and commands in the "/admin/config.php" parameters "function" and "args".
The vulnerability allows an attacker to execute arbitrary code on the server by exploiting a parameter in the index.php file. The attacker can provide a malicious value for the 'rootpath' parameter, which is not properly validated or sanitized, allowing for remote code execution.
Kemana stores database backups using the Backup DB tool with a predictable file name inside the '/admin/backup' directory as '_Full Backup YYYYMMDD_1.sql' or '_Full Backup YYYYMMDD_1.gz', which can be exploited to disclose sensitive information by downloading the file. The '/admin/backup' is also vulnerable to directory listing by default.
The Linux and BSD LPR exploits are buffer overflow vulnerabilities that allow an attacker to execute arbitrary code with the privileges of the lpr daemon. The exploit code overflows a buffer in the lpr command, allowing the attacker to overwrite the return address and execute shellcode.
Services By CQR