A remote, client-side buffer overflow vulnerability affects xlreader. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into static process buffers. An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.
A remote denial of service vulnerability exists in Vypress Tonecast. When a malformed audio stream is processed, it causes the software to crash, resulting in a denial of service condition for legitimate users.
SQL Injection
Under certain circumstances, PHP's strip_tags() function improperly leaves malformed tags in place, allowing for potential cross-site scripting and HTML injection vulnerabilities when viewed by Microsoft Internet Explorer or Apple Safari web browsers.
Blind SQL Injection
The vulnerability exists in the includes/functions_admin.php file of the PNphpBB2 forum software. By manipulating the phpbb_root_path parameter in a specific URL, an attacker can include a remote shell and execute arbitrary code on the server. This vulnerability allows for remote code execution.
Apache may be prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the server root directory. This issue is only reported to present itself in Apache running on Cygwin platforms. A remote attacker may traverse outside the server root directory by using encoded '..' character sequences.
This module can be used to crawl MS SQL Server database links and deploy Metasploit payloads through links configured with sysadmin privileges using a valid SQL Server Login. If you are attempting to obtain multiple reverse shells using this module, we recommend setting the DisablePayloadHandler advanced option to true, and setting up a multi/handler to run in the background as a job to support multiple incoming shells. If you are interested in deploying payloads to specific servers, this module also supports that functionality via the DEPLOYLIST option. Currently, the module is capable of delivering payloads to both 32-bit and 64-bit Windows systems via PowerShell memory injection methods based on Matthew Graeber's work. As a result, the target server must have PowerShell installed. By default, all of the crawl information is saved to a CSV-formatted log file and MSF loot so that the tool can also be used for auditing without deploying payloads.
The Plug and Play Web Server is prone to a directory traversal issue that allows remote attackers to access files outside of the server root directory by using '../' or '..' character sequences. This vulnerability can be exploited by sending specially crafted requests to the server.
A problem in the HappyMall E-Commerce software package could allow an attacker to pass arbitrary commands through the member_html.cgi script. This could lead to attacks against system resources.