The vulnerability exists in the 'NGDatBckpSrv' service of NETGATE Data Backup 3.0.620. The service has an unquoted service path, which could allow an attacker to gain elevated privileges and execute arbitrary code.
Firing the provided code will cause the Cisco WLC 2504 system to reload, resulting in a Denial of Service (DoS) condition.
This exploit allows an attacker to inject external entities into an XML document, potentially leading to information disclosure or denial of service.
The PHP ZLink v0.3 (go.php) script is vulnerable to SQL Injection. The script fails to properly sanitize user input in the 'id' parameter, allowing an attacker to manipulate the SQL query and extract sensitive information from the database. By crafting a specially crafted request, an attacker can bypass authentication and retrieve the usernames and passwords from the 'admin' table. This vulnerability was discovered by DNX.
This exploit allows an attacker to forge a request on behalf of a user without their knowledge or consent, potentially leading to unauthorized actions or data exposure.
The Anviz CrossChex software version 4.3.12 is vulnerable to a local buffer overflow. This vulnerability can be exploited by an attacker to execute arbitrary code or crash the software.
This exploit creates a Denial of Service (DoS) attack on Nsauditor version 3.1.8.0. It involves creating a file with a payload that causes the software to crash when the content of the file is pasted into the 'Key' field during registration.
The Dokuwiki version 2018-04-22b 'Greebo' allows for username enumeration through the 'set new password' page. By testing for non-valid usernames, it is possible to determine whether a user exists in the database. The vulnerability can be exploited by sending a POST request to the /doku.php?id=start&do=resendpwd endpoint.
This Perl script exploits a vulnerability (CVE-2006-4343) in SSL servers, where a specially crafted SSL serverhello response can cause the SSL client to crash.
This exploit allows an attacker to create a file with a large buffer and crash the SpotAuditor software by pasting the characters from the file into the 'Name' field.
Services By CQR