The FusionForge 5.0 application is vulnerable to multiple remote file inclusion vulnerabilities. An attacker can exploit these vulnerabilities to include arbitrary remote files, leading to remote code execution.
The eToken PKI Client is vulnerable to an unspecified memory corruption issue. This vulnerability can be exploited by creating a specially crafted virtual file, which can lead to arbitrary code execution or denial of service.
A vulnerability exists in vBulletin add-on "Cyb - Advanced Forum Statistics" in the misc.php file show=latestposts&vsacb_resnr=, where the application loads all latest 'n' no of posts depending on (vsacb_resnr= n) value. By setting a large value for "vsacb_resnr", an attacker can make vBulletin load a huge number of data from the database, causing it to run out of memory and crash PHP. This can potentially crash the entire server and result in denial of service.
This exploit allows an attacker to execute arbitrary code on a target system running AzDGDatingLite version 2.1.3 or possibly prior versions. It supports generic HTTP proxy for remote execution. The attacker needs to launch this script from Apache, fill the requested fields, and execute the exploit.
The exploit allows an attacker to include local files by manipulating the 'controller' parameter in the URL. The vulnerability can be exploited by appending '../../../../../../../../../../../' to the 'controller' parameter.
The method in which Java Web Start support has been added to the JRE is not less than a deliberately embedded backdoor or a flagrant case of extreme negligence. The code snippet provided shows a subroutine that is responsible for opening a registry key with the path "JNLPFileShellOpenCommand" and it sets the desired access rights and options. This vulnerability can potentially allow an attacker to execute arbitrary code or perform unauthorized actions on the affected system.
This exploit targets CompleteFTP v3.3.0 and causes remote memory consumption denial of service. The exploit saturates the RAM to approximately 2GB in around 60 seconds.
This exploit takes advantage of the _init section in a shared library to execute arbitrary code or crash an application. By overwriting the _init section with shellcode or malicious data, an attacker can exploit applications that use shared libraries, such as Mozilla, Geany IDE, Compiz, and Epiphany web browser. The exploit involves creating a custom compiled file with a custom _init section that executes the execve() function to spawn a shell. The exploit is in the form of a shared library file (.so).
The Joomla Component VJDEO 1.0 is vulnerable to a Local File Inclusion (LFI) exploit. By manipulating the 'controller' parameter in the index.php file, an attacker can access sensitive system files, such as /etc/passwd.
This exploit allows for the binding of a persistent command shell on port 9999. It has been tested on Windows 2000 Professional SP3 English version with fp30reg.dll version 4.0.2.5526.
Services By CQR