The exploit creates a malicious payload to cause a denial of service attack on BOOTP Turbo 2.0. It overwrites the SEH chain of the main thread, causing the application to crash.
This exploit allows an attacker to inject XML external entities into the Citrix XenMobile Server, potentially leading to disclosure of internal files or denial of service attacks. The vulnerability exists in XenMobile Server 10.8 before RP2 and 10.7 before RP3. By sending a specially crafted XML payload, an attacker can trigger the XXE vulnerability and perform unauthorized actions.
This vulnerability allows an attacker to include remote files in the XZero Community Classifieds version 4.95.11 and earlier. By manipulating the 'path_escape' parameter in the 'config.inc.php' file, an attacker can include arbitrary files from a remote server. This can lead to remote code execution or other malicious activities.
Trend Micro Security can potentially allow an attacker to use a malicious program to escalate privileges to SYSTEM integrity and attain persistence on a vulnerable system.
The WordPress Time Capsule Plugin version 1.21.16 and below allows an attacker to bypass authentication and gain administrative access. This can be exploited by sending a specially crafted request to the target server. The vulnerability was discovered by B. Canavate and is based on previous research by the team at webarxsecurity.com. Proof-of-concept code is available on GitHub.
The XZero Community Classifieds script version 4.95.11 is vulnerable to Local File Inclusion (LFI) and SQL Injection. The LFI vulnerability can be exploited by manipulating the 'pagename' parameter in the 'view=page' URL to include arbitrary files. The SQL Injection vulnerability can be exploited by manipulating the 'subcatid' parameter in the 'view=post' URL to execute arbitrary SQL queries. The vulnerabilities allow an attacker to read sensitive files and extract information from the database.
This exploit allows for running cmd.exe. It was tested on ntoskrnl version 10.0.18362.295.
A buffer overflow in the CheckMonitor() function in the Common Desktop Environment 2.3.1 and earlier and 1.6 and earlier, as distributed with Oracle Solaris 10 1/13 (Update 11) and earlier, allows local users to gain root privileges via a long palette name passed to dtsession in a malicious .Xdefaults file (CVE-2020-2696).
Blakord Portal <= Beta 1.3.A (all modules) is vulnerable to blind SQL injection. An attacker can manipulate the SQL queries to extract sensitive information from the database. The vulnerability allows an attacker to execute arbitrary SQL commands.
Tautulli versions 2.1.9 and prior are vulnerable to denial of service via the /shutdown URL.