The vulnerability allows an attacker to include a remote file in the application, which can lead to remote code execution or other malicious activities.
The exploit allows an attacker to create a specially crafted file that triggers a buffer overflow in Any Sound Recorder 2.93. By exploiting this vulnerability, an attacker can execute arbitrary code on the target system.
When a user logs in, Flatnuke sets a cookie value. The code checks if the cookie value contains the string 'myforum='. If it does, the user is asked to log in again. However, this filter can be bypassed using a nullbyte and logging in as admin. Additionally, in the download module, if the 'fneditmode' parameter is set to '1', a directory can be created and a PHP code can be executed through the directory description.
In the Schiocco "Support Board - Chat And Help Desk" plugin 1.2.3 for WordPress, a Stored XSS vulnerability has been discovered in file upload areas in the Chat and Help Desk sections via the msg parameter in a /wp-admin/admin-ajax.php sb_ajax_add_message action.
A Stored XSS vulnerability has been discovered in KAASoft Library CMS - Powerful Book Management System 2.1.1 via the /admin/book/create/ title parameter.
Profile type users+ can download arbitrary files. The vulnerability is present in the navigate_download.php file. By manipulating the 'id' parameter, an attacker can download any file from the server.
The KORA 2.7.0 web application is vulnerable to SQL Injection. An attacker can exploit this vulnerability by injecting malicious SQL queries into the 'cid' parameter of the 'assocSearch' action in the 'control.php' file. This can lead to unauthorized access to the database and potential data leakage.
Flatnuke doesn't use any database, so the registred users informations are located in a php file like /flatnuke3/misc/fndatabase/users/username.php . By the file manager module, the administrator, can upload, make, edit or delete some files, only while he's logging in. By the way, making a post whit the same request of that module, we can replace or edit a file, for example an user profile. So, there are a lot of way to exploit this vulnerability, we can edit the admin credentials, we can upload a malicious php script, and much more... But to exploit this vulnerability, we need to know the script path. We can get it generating a full path disclosure.
A Stored XSS vulnerability has been discovered in version 4.1.0 of AlchemyCMS via the /admin/pictures image field.
This script is a Perl implementation of a DNS reflection DDoS attack. It uses Net::DNS::Resolver and Net::RawIP modules to send DNS packets to open, recursive DNS servers. The attack involves spoofing the source IP address to that of the target, so that the responses from the DNS servers are directed towards the target, causing a flood of traffic.
Services By CQR