The Joomla Custom PHP Pages Component is affected by a Local File Inclusion (LFI) vulnerability. The vulnerability allows an attacker to include arbitrary files from the server, potentially leading to remote code execution. The vulnerability exists in the 'php.php' file of the component, where user-supplied input is used without proper sanitization.
Adobe Shockwave Player version 11.5.6.606 and earlier suffers from memory consumption/corruption and buffer overflow vulnerabilities that can lead to denial of service and arbitrary code execution. The vulnerabilities occur when processing .dir files, causing a crash and memory register overwrite.
An unauthenticated remote code execution vulnerability exists in the way that the Windows Mail Client handles certain email messages. This vulnerability allows an attacker to execute arbitrary code on the target system.
The Family Connections version 2.2.3 is affected by multiple vulnerabilities, including multiple blind SQL injection and multiple SNMP injection. The blind SQL injection vulnerability exists in the numeric fields, which are not properly sanitized. The SNMP injection vulnerability allows injecting arbitrary SNMP headers by improperly sanitizing the parameters passed to the mail() PHP function.
This exploit targets Opera 8.2 on Windows XP Professional SP2. By creating a specially crafted HTML file, an attacker can trigger a denial of service condition, causing the application to crash. This can be achieved by providing a large input to the 'bodyA' tag, causing a buffer overflow.
This exploit targets the phpscripte24 Live Shopping Multi Portal System by injecting SQL commands through the 'seite' parameter in the index.php file. It allows an attacker to execute arbitrary SQL queries on the database, potentially leading to unauthorized access or data manipulation.
This module exploits a stack overflow in IDEAL Migration version 4.5.1. By creating a specially crafted ipj file, an an attacker may be able to execute arbitrary code.
The vulnerability allows an attacker to inject SQL queries into the application's database. By exploiting this vulnerability, an attacker can retrieve sensitive information from the database.
Scanning of malicious file causes heap corruption in context of the service process (ekrn.exe). See Dr. Watson log (drwtsn32.log) for details.
This exploit triggers a crash in MS Paint due to an integer overflow vulnerability. The exploit code is written in Perl and it sends a specially crafted image file to the target. When MS Paint tries to open the image, it crashes.
Services By CQR