Way Of The Warrior versions 5.0 and below suffer from local and remote file inclusion vulnerabilities.
b4913562d35071063d68e9ddeeeec8ffed04819680270ffeaa74df2d3ed8b3d6
A vulnerability allows remote attackers to execute code on vulnerable installations of Adobe Acrobat. User interaction is required in that a user must visit a malicious web site. The specific flaw exists when processing malicious JavaScript contained in a PDF document. When creating a Collab object and performing a specific sequence of actions on it, memory corruption occurs, potentially resulting in remote code execution. If successfully exploited, full control of the affected machine running under the credentials of the currently logged in user can be achieved.
42374904d4b1208ff8703af67298c304e34bf7495b2cddcaac9b42494e5bc072
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious web address or open a malicious file. The specific flaw exists within the parsing of PDF objects defined in the file. When a specific object becomes malformed, a small memory corruption occurs which can be leveraged by an attacker to execute arbitrary code under the context of the current user.
83fcb2c8b363aecd0f52b7d84c9897263d7250d4ee9f6957c6eadeeccb666437
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of embedded JavaScript code when opening a PDF. Adobe Acrobat has defined its own set of JavaScript functions that can be used in a PDF file. Due to improper parameter checking in one of these functions, arbitrary memory can be overwritten, leading to remote code execution. If successfully exploited, remote control of the target system can be gained with the credentials of the logged in user.
32057ab035963d55bca65f0262c3900d8b1ae3a4ff8d48a1d912e522ba19477c
Online Booking Engine suffers from a remote SQL injection vulnerability.
2a18094265fd228d848bd934119e96358d121176054653ff419ddcd8a831802b
DHCart suffers from multiple variable and stored cross site scripting vulnerabilities.
2cc2ee1cebe2610ae27e21cfbccb8ffbfa599956d384eb909f25ad11777bef88
iDefense Security Advisory 11.04.08 - Remote exploitation of a heap corruption vulnerability in Adobe Systems Inc.'s Acrobat Professional and Reader could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerable code is an AcroJS function available to scripting code inside of a PDF document. This function is used for HTTP authentication. By passing a long string to this function, it is possible to corrupt heap memory in such a way that may lead to the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in Acrobat Professional and Adobe Reader version 8.1.2. Previous versions may also be affected.
a68c90f63ac9868f9aebc1ff546acd3970b4d2503d3f2a2ce5fdfbfa73f12e69
iDefense Security Advisory 11.04.08 - Remote exploitation of an out of bounds array access vulnerability in Adobe Systems Inc.'s Adobe Reader could allow an attacker to execute arbitrary code as the current user. The vulnerability specifically exists in code responsible for parsing Type 1 fonts. After allocating an area of memory, no bounds checking is performed. Subsequent access of this memory may result in modification of arbitrary memory, which in turn may result in arbitrary code execution. iDefense has confirmed the existence of this vulnerability in Adobe Reader version 8.1.1. Previous versions may also be affected.
535bcfb45222fcef1677636e3eccd5f01b7f0d1beaf872ff09641d7d8e2c9406
iDefense Security Advisory 11.04.08 - Remote exploitation of a stack based buffer overflow vulnerability in NOS Microsystems Ltd.'s getPlus Download Manager, potentially used by multiple vendors, could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense has confirmed the existence of this vulnerability in getPlus gp.ocx version 1.2.2.50, which is used in web based installations of Adobe Reader 8.1. Previous versions may also be affected.
f82cd5bb85b3a959d2c8d724ce4105aa767646e05a45b9d840a37588554309e9
WEBBDOMAIN Post Cart versions 1.02 and below suffer from a SQL injection vulnerability that allows for authentication bypass.
37461192886fed11dc1c7eca9d7a35efd16e7e0f50ce5eec30c34204edccf2a5
WEBBDOMAIN Webshop versions 1.02 and below suffer from a SQL injection vulnerability that allows for authentication bypass.
059304c2759b95cf12603cbe45f5129d7fc8fc99e0fff9fe6b49d8a36b325cfa
WEBBDOMAIN Quiz versions 1.02 and below suffer from a SQL injection vulnerability that allows for authentication bypass.
f499f48a5d714eea5dce010abed6affe1d6e04c2db9bd329cc2095da713b7573
WEBBDOMAIN Polls version 1.01 suffers from a SQL injection vulnerability that allows for authentication bypass.
251c6580e8a7d77651cea3cefa9e67b7d01fa19cb7fea122864b3c0a386318b3
WEBBDOMAIN Petition versions 1.02, 2.0, and 3.0 suffer from a SQL injection vulnerability that allows for authentication bypass.
e80f21930d6292389e885d9bac5c34ef3b41461be781add1ae43eef36e996ab0
FirmChannel Digital Signage version 3.24 suffers from a cross site scripting vulnerability.
bcb35fe0a2c40a10309b3795346c219cd63abc3846b20cc4b2ddf929a5a51479
TR News versions 2.1 and below remote login bypass exploit that makes use of login.php.
493418d6d1dd913ffa106d667a19796cc778012055bc46d51fc928b2823b3d89
sqlmap is an automatic SQL injection tool developed in Python. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specific DBMS tables/columns, run his own SQL SELECT statement, read specific files on the file system and much more.
88fc937ae2b316657d98efae05bba9f15d3823c3a78d7a9f4c5a244f2333ddad
Tours Manager version 1 suffers from a SQL injection vulnerability in cityview.php.
d5201e7c1eafd9806fc0f6edab7b1c715a4e5b13d4f5f53e888f0dd87ce9b4ef
Simple Document Management System version 1.1.4 suffers from a SQL injection vulnerability that allows for authentication bypass.
10b46566d69c1c073344914d95684f415af5bd0d29b007b7b2a700d580bd64a6
The Aruba Mobility Controller in ArubaOS version 3.3.2.6 suffers from an SNMP community string disclosure vulnerability.
f30235030c7d2b5d8b396e3e747d82f36e3c379d83f309d3c4d0182c84be4ab7
HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running Xserver. The vulnerabilities could be exploited remotely to execute arbitrary code.
ced5c6740042c0cd094d009d362b7d7685ebb91d5fe0e017b9aab934a40f69b1
CMS-School 2005 suffers from a remote SQL injection vulnerability in showarticle.php.
4a40c0a4764f70fa3e49667b60718b8eec042b632f3283dc22018a9391d9d680
Vibro-School CMS suffers from a remote SQL injection vulnerability.
70e4865a631c3f5aea90319b988075756bd2da7ae39097c6569d96a86c5dc3bb
The ProDesk Joomla component versions 1.0 and 1.2 suffer from a local file inclusion vulnerability.
a943b10e9b1e68e798cdd809248c8d0f21fa3a93d5afe57d6811f80ace2fe2a1
Puglia Landscape suffers from a local file inclusion vulnerability.
8b2f776f420cbc87fe117b205b70792c4607e7550e41957005771e7b61df3876