2daybiz Video Community portal is the ultimate solution for starting your video sharing and uploading community similar to YouTube, Daily Motion and Myspace Videos. This enterprise level video sharing software offers a powerful and rich featured solution. In this software members can upload videos, rate videos, tag videos, leave comments, edit uploaded videos, title and description set video as public/private, video play list, create channels, groups and favorite videos.
This vulnerability allows an attacker to inject SQL queries into the website's database, potentially gaining unauthorized access to sensitive information or modifying data.
iBoutique is a PHP ecommerce solution that allows you to setup and maintain your own estore. It has a SQLi vulnerability and an XSS vulnerability. The SQLi vulnerability can be exploited by manipulating the 'page' parameter in the index.php file. The XSS vulnerability can be exploited by injecting malicious script code into the 'page' parameter in the index.php file.
There are two persistent XSS vulnerabilities in the Joomla Component RSComments version 1.0.0. The first vulnerability is in the Name field and the second vulnerability is in the Website field. The exploit payload is "x"/style="position:absolute;top:0;left:0;width:999pc;height:999pc"/onmouseover="alert(1)//". The first vulnerability only executes in the backend, while the second vulnerability executes in both the frontend and backend.
Blind SQL Injection: Requires magic_quotes OFF. Exploit: option=com_answers & task=categ & id=-1' union select benchmark(100000,md5(5)) as a -- 'Title Field SQL Injection: Exploit: title',(select concat(username,char(32),password) from jos_users where gid=25 limit 1),'0','1','0','','') -- ;SQL Injection: Requires magic_quotes OFF, Joomla! debug OFF. Exploit: option=com_answers & task=detail & id=-1' union select concat(username,char(32),password),2,3,4,5,6,7,8,9 from jos_users where gid=25 limit 1 -- '
This is a proof-of-concept code for a buffer overflow vulnerability in PowerZip. The vulnerability allows an attacker to overwrite the stack buffer, but the code does not provide an exploit to take advantage of this. The affected versions are 7.21 (Build 4010) of PowerZip. The vulnerability is local, meaning it can be exploited by a user with local access to the vulnerable system. The vulnerability is a boundary condition error that leads to a stack buffer overflow. However, the code does not provide an exploit to actually exploit the vulnerability. The vulnerability affects Windows 7, Windows Vista, Windows XP, Windows 2000, Windows Me, Windows 98, and Windows NT 4.0. There is no known fix for this vulnerability.
This exploit takes advantage of a boundary condition error in Corel VideoStudio Pro X3. By inserting a specially crafted media file into the timeline, an attacker can cause an access violation, leading to potential code execution.
This exploit takes advantage of a SEH (Structured Exception Handling) vulnerability in the batchaudio_setup.exe software. It uses a combination of junk data, a non-SEH overwrite (nseh), and a SEH overwrite (seh) to gain control of the program's execution flow. The exploit then executes a payload that opens the Windows calculator (calc.exe). The exploit has been tested on Windows XP SP2.
A vulnerability exists in the Netware CIFS.NLM driver which allows an attacker to trigger a kernel stack overflow by sending a specific 'Sessions Setup AndX' query. Successful exploitation of this issue will result in remote code execution with kernel privileges. Failed attempts may result in a remote denial of service.
This is a buffer overflow exploit in the Winplot software. The vulnerability allows an attacker to overwrite the stack buffer, potentially leading to remote code execution.
Services By CQR