The vulnerability allows an attacker to include remote files by manipulating the 'GALLERY_BASEDIR' parameter in the 'business_functions.php' and 'ui_functions.php' scripts. This can lead to remote code execution and unauthorized access to sensitive information.
An attacker can exploit this issue to force the affected application to become unresponsive, denying service to legitimate users.
The vulnerability allows remote attackers to include arbitrary files via the 'abs_path' parameter in the 'index.php' and 'checkout.php' scripts. This can lead to remote code execution and unauthorized access to sensitive information.
The vulnerability allows an attacker to include local files by manipulating the 'dsn[phptype]' parameter in the 'soustab.php' script. The attacker can specify the path of the file to be included, resulting in unauthorized access to sensitive information.
The exploit targets the Microsoft Dns Server and allows for local and remote RPC exploitation. It features OS fingerprinting, supports Windows 2000 server and Windows 2003 server, and includes universal local exploits for Win2k and Win2k3. The exploit uses the Microsoft RPC API.
An attacker can exploit this issue to cause an affected application to crash, denying service to legitimate users which may aid in other attacks.
The vulnerability allows an attacker to include a remote file by manipulating the 'path' parameter in the affected URLs. This can lead to remote code execution or other malicious activities.
The 'com_szallasok' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The audioCMS arash 0.1.4 is vulnerable to remote file inclusion. The vulnerability allows an attacker to include remote files by manipulating the 'arashlib_dir' parameter in various scripts. This can lead to arbitrary code execution and compromise of the affected system.
The vulnerability allows remote attackers to include arbitrary files via a specially crafted URL in the GALLERY_BASEDIR parameter in needinit.php, reconfigure.php, unconfigured.php, and configmode.php scripts.
Services By CQR