This exploit allows an attacker to perform a blind SQL injection attack on the XOOPS Module RM+Soft Gallery 1.0 through the categos.php file. The vulnerability allows the attacker to retrieve sensitive information from the database.
The TA.CMS application is vulnerable to multiple local file-include and SQL-injection vulnerabilities. An attacker can exploit these issues to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, and view and execute arbitrary local files within the context of the webserver.
The TA.CMS application is vulnerable to multiple local file inclusion and SQL injection vulnerabilities. An attacker can exploit these vulnerabilities to compromise the application, gain unauthorized access to or modify data, exploit other vulnerabilities in the database, and view and execute arbitrary local files within the context of the webserver.
The Adminimize plugin for WordPress is prone to a cross-site scripting vulnerability. This vulnerability occurs due to improper sanitization of user-supplied input. An attacker can exploit this vulnerability to execute arbitrary script code in the browser of an unsuspecting user, within the context of the affected site. This can lead to the theft of cookie-based authentication credentials and the execution of other attacks.
The Advanced Text Widget plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
The Alert Before Your Post plugin for WordPress is vulnerable to cross-site scripting (XSS) due to inadequate input sanitization. An attacker can exploit this vulnerability to inject arbitrary script code that runs in a user's browser in the context of the affected site. This can lead to the theft of authentication credentials and enable further malicious activities.
The Digital Attic Foundation CMS is vulnerable to an SQL injection attack due to inadequate input sanitization. An attacker can manipulate the 'id' parameter in the 'index.php' page to inject malicious SQL code, potentially compromising the application, gaining unauthorized access to data, or exploiting other vulnerabilities in the underlying database.
This exploit allows an attacker to perform a blind SQL injection attack in the myAlbum-P module of XOOPS CMS version 2.0 or earlier. By manipulating the 'cid' parameter in the viewcat.php file, an attacker can extract sensitive information from the database.
The GoAhead WebServer is prone to multiple cross-site scripting vulnerabilities due to insufficient sanitization of user-supplied data. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of a victim user, potentially leading to the theft of authentication credentials and other attacks.
The Jetty Web Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary files within the context of the webserver. Information harvested may aid in launching further attacks.