The Bluo cms 1.2 is vulnerable to blind SQL injection. An attacker can exploit this vulnerability to extract sensitive information from the database by injecting malicious SQL queries.
This exploit targets Netcat version 1.1 and exploits a remote buffer overflow vulnerability. The vulnerability arises when using the "-e" switch in Netcat. It allows an attacker to execute arbitrary code on the target system. This can lead to unauthorized access, data theft, and other malicious activities. The vulnerability affects various scenarios, such as loading educational tools like uw-imapd with Netcat or using tools built on Netcat without proper security checks. The exploit code demonstrates a method to push a null byte onto the stack and call the system() function to execute arbitrary commands.
The exploit uses a specially crafted ANI cursor file to trigger a buffer overflow in Internet Explorer. If the user is not patched or browsing with Internet Explorer, the vulnerability can be exploited to execute arbitrary code.
This Perl code contains a command injection vulnerability that allows an attacker to execute arbitrary commands on the server. The vulnerability is caused by the insecure concatenation of user input into a system command. An attacker can manipulate the input to execute malicious commands.
The xtokkaetama 1.0b local game exploit on Red Hat 9.0 allows an attacker to execute arbitrary code with the privileges of the game user. The vulnerability is caused by a buffer overflow in the xtokkaetama game binary. By providing a specially crafted input, an attacker can overwrite the return address and gain control of the program flow, allowing the execution of arbitrary code. This exploit targets Red Hat 9.0 and requires local access to the system.
The NetArtMedia blog system is vulnerable to a remote SQL injection attack. An attacker can exploit this vulnerability by injecting malicious SQL queries into the application's input fields, which can lead to unauthorized access to the database and potential data leakage. This vulnerability can be exploited using the Firefox browser.
This vulnerability allows an attacker to execute arbitrary SQL commands on the remote database server.
Local users can modify the group ID of files, such as NFS exported files in kernel 2.4 (CAN-2004-0497). On Linux 2.6.x < 2.6.7-rc3, it's possible to change the group of files you don't own, even on local filesystems. This may allow a local attacker to perform privilege escalation.
This exploit takes advantage of a SQL injection vulnerability in the messages.php file of PHP-Fusion 7.00.1. It requires that the magic_quotes setting is turned off. The exploit allows an attacker to execute arbitrary SQL queries on the target system.
This exploit takes advantage of a buffer overflow vulnerability in the login function in various System V based operating systems. By sending a large number of arguments through services like telnet and rlogin, remote attackers can execute arbitrary commands. This specific exploit targets Solaris/SPARC 2.5.1/2.6/7/8.
Services By CQR