CreateReportTable.jsp page is prone to SQL injection via site variable. A user with limited privileges could exploit this vulnerability to gain complete database/system access.
An attacker can crash the software by using .mobi and .prc file. Attackers can crash the software local by user inter action over .mobi and .prc (ebooks).
Cisco Ironport appliances are vulnerable to authenticated 'admin' privilege escalation. By enabling the Service Account from the GUI or CLI allows an admin to gain root access on the appliance, therefore bypassing all existing 'admin' account limitations. The vulnerability is due to weak algorithm implementation in the password generation process which is used by Cisco to remotely access the appliance to provide technical support.
Exif Pilot SEH Based Buffer Overflow is a vulnerability in Exif Pilot version 4.7.2 which allows an attacker to execute arbitrary code by sending a specially crafted XML file. The vulnerability is caused by a buffer overflow in the application when processing a specially crafted XML file. The attacker can exploit this vulnerability by sending a specially crafted XML file to the application, which will cause the application to crash and execute arbitrary code.
A Memory Corruption Vulnerability is detected on Crystal Player 1.99. An attacker can crash the software by using .mls file. Attackers can crash the software local by user inter action over mls (playlist).
This plugin is vulnerable to SQL injection at the /vbsso/avatar.php file in the fetchUserinfo function. It requires a big UNION ALL SELECT query and commenting out the LIMIT function of SQL. If SQL injection is a success, the browser will redirect the user to a URL where the URL contains the extracted information.
This exploit is a Denial of Service (DoS) vulnerability in GPON Zhone R4.0.2.566b. It sends an evil buffer with a length of 100000 to the device, which causes it to crash. The exploit was tested on GPON Zhone 2520 with hardware 0040-48-02 and software R4.0.2.566b.
An arbitrary file upload vulnerability exists in articleFR CMS 3.0.5. An attacker can upload a malicious file to the server by sending a specially crafted POST request to the videouploader.php file. This can be exploited to execute arbitrary PHP code on the server.
A SQL injection vulnerability exists in articleFR CMS 3.0.5. An attacker can send a specially crafted HTTP POST request to the vulnerable application in order to execute arbitrary SQL commands in the back-end database. The vulnerable code is located in the file articleFR/system/profile.functions.php and the vulnerable parameter is username. The vulnerable query is SELECT id, username, name, password, email, website, blog, date, isactive, activekey, membership FROM users WHERE username ='[Injection HERE]'. The vulnerable function is getProfile($_username, $_connection).
This vulnerability allows an attacker to read kernel memory by using the IOKit API. The vulnerability exists in the IOServiceOpen() function, which allows an attacker to open a connection to a kernel service and then use the IOConnectMapMemory() function to map kernel memory into user space. This can be used to read kernel memory, which can contain sensitive information such as passwords and encryption keys.
Services By CQR