The CreaDirectory v1.2 script is vulnerable to remote SQL injection. An attacker can exploit this vulnerability to execute arbitrary SQL commands and retrieve sensitive information from the database. The vulnerability exists in the 'error.asp' page, where the 'id' parameter is not properly sanitized before being used in a SQL query.
This exploit allows remote code execution in Internet Download Manager through OLE Automation Array. It affects all versions of IDM and has been tested on Windows 7 and Server 2008.
The Joomla! plugin Helpdesk Pro version prior to 1.4.0 is vulnerable to multiple exploits including direct object references, XSS, SQL injection, local file disclosure/path traversal, and file upload vulnerabilities. These vulnerabilities allow an attacker to read other users' support tickets, execute malicious scripts, manipulate the database, and disclose local files on the server. The vulnerabilities have been assigned the following CVEs: CVE-2015-4071 (Direct Object References), CVE-2015-4072 (Multiple XSS), CVE-2015-4073 (SQL Injection), CVE-2015-4074 (Local file disclosure/Path traversal), and CVE-2015-4075 (File Upload).
The script causes a denial of service (DoS) by sending multiple requests to the target host. It exploits a vulnerability in the Image Transfer IOS application.
The Rezervi Generic 0.9 script is vulnerable to remote file inclusion. An attacker can exploit this vulnerability by including a malicious file via the 'root' parameter in various files within the templates and belegungsplan directories. This allows the attacker to execute arbitrary code on the target system.
This exploit allows an attacker to execute arbitrary code remotely in AimStats v3.2. The vulnerability can be exploited by sending specially crafted requests to the vulnerable server. This can lead to unauthorized access and control over the affected system.
The Mozzers SubSystem v1.0 Final has a remote code execution vulnerability that allows attackers to execute arbitrary code on the affected system. This vulnerability can be exploited by sending a specially crafted request to the vulnerable application. Successful exploitation of this vulnerability can result in unauthorized access, data manipulation, or system compromise.
This vulnerability allows an attacker to include remote files and execute arbitrary code on the target system. It can be exploited by using a specially crafted URL to include a malicious file.
The exploit description is not provided in the given text.
The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.