The com_mosmedia component for Mambo and Joomla allows remote attackers to include arbitrary files via the mosConfig_absolute_path parameter in (1) media.tab.php or (2) media.divs.php. This vulnerability can be exploited by an attacker to execute arbitrary code on the target system.
Any authenticated or non-authenticated user can perform a stored XSS attack simply by exploiting the wp_ajax_nopriv_check_stat action. The plugin uses a widget to display the website's visits, so any page that contains this widget will also load the malicious JS code.
The vulnerability allows an attacker to include a remote file from a vulnerable website, which can lead to arbitrary code execution.
The Mambo/Joomla Module Weather is vulnerable to remote file inclusion. The vulnerability allows an attacker to include a remote file using the 'absolute_path' parameter in the 'mod_weather.php' script. This can lead to arbitrary code execution or disclosure of sensitive information.
The CodeBreak script is vulnerable to remote file inclusion. The vulnerable code includes a file based on user-controlled input ($_POST['process_method']). An attacker can manipulate the input to include a malicious file from a remote server, leading to arbitrary code execution.
The plugin "NewStatPress" in WordPress is vulnerable to an authenticated SQL injection vulnerability (CVE-2015-4062) and an authenticated XSS vulnerability (CVE-2015-4063). The SQL injection vulnerability can be exploited by an authenticated user by manipulating the "where1" parameter in the "admin.php" page. The XSS vulnerability can also be exploited by an authenticated user by manipulating the "where1" parameter in the same page.
WordPress Video Gallery 2.8 suffers from an Unprotected Mail Page vulnerability, which can be exploited for DoS, phishing, mailbombing, and spam. The 'email' ajax action is callable by any guest visitor (/contus-video-gallery/hdflvvideoshare.php). Any user can send email from /contus-video-gallery/email.php to any recipients. The variables used to send emails are: $to, $from, $url, $subject, $message_content, $title, $referrer, $referrer_host, $pageURL. The script assumes that if the provided 'Referrer' field matches the website's URL, then it's okay to send this email.
This exploit allows remote attackers to execute arbitrary code on the target system running PunBB version 1.2.14 or earlier. The vulnerability exists due to improper sanitization of user-supplied input in the login.php file. By sending a specially crafted request, an attacker can inject and execute arbitrary PHP code on the target system.
Gran Paradiso is unable to handle multiple requests for a non-existent applet, so after some page refreshes it crashes or stops responding. You can try this exploit at www.shinnai.altervista.org/nea.html but, if so, you need a little patience because it is much slower than local exploitation.
This exploit takes advantage of a race condition in the apport program in Ubuntu to gain root access. By exploiting this vulnerability, an attacker can escalate their privileges to root.