This exploit allows an attacker to remotely crash the iFTPStorage application on iPhone and iPod. By sending a large buffer of 'A' characters, the application crashes and becomes unresponsive.
This module exploits a buffer overflow in the CRAM-MD5 authentication of the MDaemon IMAP service.
The Web based HTTP Admin interface of LiteSpeed Web Server is vulnerable to a CSRF exploit that allows an attacker to add additional admin users. Additionally, the admin interface has XSS issues in the Notes field of the Virtual Server configuration.
This module exploits a heap overflow in the Novell ZENworks Desktop Management agent.
The vulnerability allows an attacker to perform SQL injection attacks and cross-site scripting attacks on the OSClassi website. The SQL injection vulnerability allows an attacker to execute arbitrary SQL commands, potentially gaining unauthorized access to the database. The XSS vulnerability allows an attacker to inject malicious scripts into web pages viewed by other users.
This exploit takes advantage of a stack overflow vulnerability in the Rising Online Virus Scanner ActiveX Control. By passing a large string as an argument to the 'Scan()' function, it causes the control to crash, resulting in a denial of service condition.
A remote code execution and local elevation of privilege vulnerability exists in Plug and Play that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. This is a remote code execution and local privilege elevation vulnerability. On Windows 2000, an anonymous attacker could remotely try to exploit this vulnerability. On Windows XP Service Pack 1, only an authenticated user could remotely try to exploit this vulnerability. On Window XP Service Pack 2 and Windows Server 2003, only an administrator can remotely access the affected component. Therefore, on Windows XP Service Pack 2 and Windows Server 2003, this is strictly a local privilege elevation vulnerability. An anonymous user cannot remotely attempt to exploit this vulnerability on Windows XP Service Pack 2 and Windows Server 2003.
This exploit takes advantage of a buffer overflow vulnerability in Easy~Ftp Server v1.7.0.2. It specifically targets the MKD and DELE commands, using a payload that contains bad characters. By sending a specially crafted request, an attacker can cause a stack-based buffer overflow, potentially leading to remote code execution.
The WordPress Copperleaf Photolog plugin is vulnerable to SQL injection. The vulnerability allows an attacker to execute arbitrary SQL queries in the context of the application's database. By exploiting this vulnerability, an attacker can potentially gain unauthorized access to sensitive information or modify the database.
This module exploits a code execution exploit in wordpress blog <= 1.5.1.3.
Services By CQR