This is a SQL Injection exploit for Gelato CMS. It allows an attacker to retrieve usernames and MD5 hashes from the database by exploiting a vulnerability in the 'users' table.
The hpqutil.dll in HP All-in-One Series Web Release and HP Photo & Imaging Gallery version 1.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap overflow) via a crafted web page with an ActiveX control that triggers a heap overflow, as demonstrated by a call to the FindFile function.
When parsing ShadingPatterns, if a pattern colorspace is used as the base colorspace, it is not validated. This leads to out-of-bounds reads when rendering using the malformed shading pattern.
The JBlog ver 1.0 script is vulnerable to remote SQL injection. An attacker can use the 'id' parameter in the index.php and modifpost.php files to inject SQL queries, allowing them to retrieve sensitive information from the database. The exploit sends a GET request with a specially crafted 'id' parameter to retrieve the login and password of the admin user from the 'auteur' table. The password is hashed with the MD5 algorithm.
IDERA Uptime Monitor 7.8 is affected by multiple SQL injection vulnerabilities. User controlled data is included in SQL queries made by the application without first being properly sanitized. As a result, a remote unauthenticated user can inject arbitrary SQL queries into the applicationβs back-end database. The SQL injection vulnerability is located in β/gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.phpβ.
The script phpwebquest version 2.5 is vulnerable to SQL Injection. The injected file is webquest/soporte_derecha_w.php and the vulnerable variable is id_actividad. By exploiting this vulnerability, an attacker can retrieve sensitive information from the database.
The vulnerability allows network attackers to modify the Windows registry value associated with the McAfee update via the HTTP backend-response.
The vulnerability exists in the _includes/settings.inc.php file of Ajax File Browser 3 Beta. The code on line 12 includes a file using the require_once function without properly sanitizing user input. An attacker can exploit this vulnerability by providing a malicious URL in the 'approot' parameter, leading to remote file inclusion.
The user controlled input to K7Sentry device is not properly sanitized, allowing an attacker to compare an arbitrary memory address with a fixed value and read the content of arbitrary memory. By sending an invalid kernel pointer, the attacker can crash the K7 Total Security process.
The iB-WRA150N devices have hard coded accounts with default usernames and passwords. This allows an attacker to gain unauthorized access to the device. Additionally, the devices are vulnerable to remote command execution due to insufficient input filtering in the ping test arguments on the Diagnostics page. An attacker can inject arbitrary commands and retrieve sensitive files such as the /etc/passwd file.
Services By CQR