A remote file inclusion vulnerability exists in actSite v1.991 Beta. The vulnerability is due to improper sanitization of user-supplied input in the $BaseCfg[BaseDir] parameter in lib/base.php. An attacker can exploit this vulnerability to include arbitrary remote files, which could lead to remote code execution.
PHP Dashboards is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
actSite v1.56 (news.php) is vulnerable to local file inclusion. The vulnerability allows an attacker to include local files from the server by manipulating a POST parameter in the news.php file. By using a specially crafted request, an attacker can include arbitrary files and potentially read sensitive information from the server.
This exploit creates a malicious payload that causes a denial of service on FTPShell Server 6.80. It creates a file called Evil.txt containing a buffer of 2500 characters, filled with 'A' characters.
The exploit allows for a local buffer overflow in FTPShell Server v6.80, bypassing SafeSEH protection. By pasting the contents of Evil.txt in the 'Password' field under configure accounts>Change pass, an attacker can execute arbitrary code.
The vulnerability allows remote attackers to include arbitrary files via a specially crafted URL in the openid_root_path parameter in BBStore.php.
MySQL Smart Reports 1.0 is vulnerable to SQL injection and cross-site scripting. An attacker can exploit the 'id' parameter to inject malicious SQL queries or script code.
All of the print and preview pages (template_SBilling.php, template_Receipt.php, template_SBillingPerforma.php, template_SBillingQuotation.php) have the same vulnerabilities. All of them use the same parameters, so an attacker can use any of them.
The parameter $mx_root_path is not declared before include_once.