This code demonstrates a stack overflow vulnerability in Gaim 1.2.1 when processing email addresses. It causes a segfault when executing the /vuln command in a conversation. If a protocol allows a 10002-character message to go through, it also segfaults the recipient. The vulnerability is due to the stack being overwritten with 'A's and the return address of the function being set to 0x41414141.
The Bifrost 1.2.1 exploit is a buffer overflow vulnerability that allows an attacker to execute arbitrary code on a remote system. The vulnerability exists in the 'header' function, which is called when generating the header for a Bifrost connection. By sending a specially crafted request, an attacker can overwrite the return address of the function and gain control of the execution flow. This exploit uses a combination of techniques, including RC4 encryption and shellcode injection, to bypass security measures and achieve remote code execution.
This exploit allows an attacker to include remote files in the VS-News-System version 1.2.1. The vulnerability is present in the 'newsordner' parameter of the 'show_news_inc.php' file. By manipulating the 'newsordner' parameter, an attacker can include a remote file hosted on a different server. This can lead to remote code execution or disclosure of sensitive information.
This exploit allows an attacker to perform a remote SQL injection attack on ExoPHPDesk version 1.2.1 through the faq.php file. By manipulating the 'id' parameter in the URL, an attacker can execute arbitrary SQL queries and potentially gain unauthorized access to the database.
The 'Display name' and 'Description' fields in BP Group Documents 1.2.1 are not escaped, allowing for the storage of script tags and potential XSS attacks.
chillyCMS is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow a remote attacker to obtain sensitive information or to execute arbitrary script code in the context of the webserver process. This may allow the attacker to compromise the application and the underlying computer; other attacks are also possible.
The WP Survey And Quiz Tool for Wordpress is prone to a cross-site scripting vulnerability due to improper sanitization of user-supplied input. An attacker can exploit this vulnerability by injecting arbitrary script code into the affected site, potentially leading to the theft of authentication credentials and other attacks.
The Tomaž Muraus Open Blog application is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
The myGallery 1.2.1 script is vulnerable to a remote file inclusion vulnerability. This vulnerability allows an attacker to include and execute arbitrary remote files on the server.
Registered users with blog keeping privileges can access personal gallery functionality and upload image files to the server. File uploading can be dangerous without proper security checks.
Services By CQR