This exploit causes a denial of service (DoS) by crashing the httpdx v1.5.2 server. It sends a specially crafted buffer to the server, causing it to crash.
The exploit allows an attacker to perform blind SQL injection in the Joomla component com_photoblog. It can be exploited through the URLs www.site.com/detail.php?id=[Blind SQL INJECTION] and www.site.com/index.php?option=com_photoblog&view=images&category=1&celebs&blog=1+and substring(@@version,1,1)=5.
No description provided.
The MASA2EL Music City software is vulnerable to a remote SQL injection attack. An attacker can exploit this vulnerability by injecting malicious SQL queries into the 'id' parameter of the index.php file. This can lead to unauthorized access to the database and retrieval of sensitive information, such as usernames and passwords.
A permanent Cross Site Scripting vulnerability was found in Hipergate 4.0.12, because the application fails to sanitize user-supplied input. Any logged-in user who is able to add a New Campaign can trigger the vulnerability.
This exploit is a buffer overflow vulnerability in the dsconfig.exe component of CA BrightStor ARCserve Backup. It allows an attacker to execute arbitrary code on the affected system.
This vulnerability allows an attacker to perform Blind Sql Injection on the Shout! Script. By modifying the 'id' parameter in the content.php URL, the attacker can execute arbitrary SQL queries and retrieve sensitive information from the database. The exploit examples provided demonstrate how to determine the version of the database server by leveraging the boolean-based blind SQL injection technique.
The CA BrightStor ARCserve Backup Agent for SQL (dbasqlr.exe) is vulnerable to a buffer overflow. An attacker could exploit this vulnerability to execute arbitrary code with the privileges of the user running the affected application.
Two crashes caused by NULL pointer dereferences have been discovered in MSIE 6.0/7.0. These issues do not affect MSIE 8.0.
This module exploits a privilege escalation vulnerability in South River Technologies WebDrive. Due to an empty security descriptor, a local attacker can gain elevated privileges. Tested on South River Technologies WebDrive 9.02 build 2232 on Microsoft Windows XP SP3. Vulnerability mitigation featured.
Services By CQR