NixCMS version 1.0 is vulnerable to SQL injection in the 'category_id' parameter. The SQL injection allows an attacker to manipulate the SQL query and execute arbitrary SQL commands. This can lead to unauthorized access, data leakage, or even complete system compromise.
The vulnerability allows an attacker to inject SQL commands.
This exploit allows an attacker to perform directory traversal attacks on Oracle Hospitality Simphony (MICROS) versions 2.7, 2.8, and 2.9. By manipulating the 'filename' parameter, an attacker can access files outside of the intended directory.
The xCart application is vulnerable to remote file inclusion. An attacker can exploit this vulnerability by injecting a remote file path in the xcart_dir parameter of various PHP files. This can lead to the execution of arbitrary code or unauthorized access to sensitive information.
The vulnerability allows an attacker to upload arbitrary files.
This vulnerability allows an attacker to include a remote file in the vulnerable file /NuclearBB/tasks/send_queued_emails.php. The exploit URL is http://localhost/NuclearBB/tasks/send_queued_emails.php?root_path=http://localhost/shell.txt?. The vulnerability occurs due to the insecure handling of the root_path variable in the vulnerable file. By manipulating the root_path variable, an attacker can include arbitrary remote files, potentially leading to remote code execution or other malicious activities. The vulnerability was discovered by the author Infection from the Rootshell Security Team in 2007.
SQL injection on [id] parameter
Using the 'Load()' method in the VB To VSI Support Library, an attacker can load the content of a file from the local machine and then save it into an arbitrary location with the 'SaveAs()' method. This allows the attacker to overwrite well-known files with arbitrary data. The exploit code provided demonstrates overwriting the 'cmd.exe' file with a modified 'system_.ini' file.
This exploit targets Sync Breeze Enterprise v10.4.18 Server and allows for an unauthenticated remote buffer overflow. By sending a specially crafted packet to the server, an attacker can trigger a buffer overflow condition, potentially leading to remote code execution.
This exploit targets the PDWizard.ocx file in Microsoft Visual Studio 6.0. The ocx file contains dangerous methods, including 'StartProcess()' and 'SyncShell()'. By using the 'StartProcess()' method, an attacker can execute any program by providing the right argument. This PoC demonstrates the execution of calc.exe, but any program can be executed. This vulnerability has the potential for significant impact.