Mail-it Now! Upload2Server is prone to an arbitrary file upload vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before uploading files. Successful exploitation will cause the application to execute the file in the security context of the Web server process. This may facilitate unauthorized access; other attacks are also possible.
Land Down Under is prone to multiple SQL injection vulnerabilities due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. This can be exploited by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable application. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
Land Down Under is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
Subscribe Me Pro is prone to a directory traversal vulnerability due to a lack of proper sanitization of user-supplied input. Exploitation of this vulnerability could lead to a loss of confidentiality as arbitrary files are disclosed to an attacker. Information obtained through this attack may aid in further attacks against the underlying system.
This exploit targets a format string error in the handling of the RCPT TO command, in which the program attempts to print the string back to the application's console screen. This PoC code could possibly be rewritten to allow buffer overflow and execution of code.
A remote denial of service vulnerability affects Zebedee. This issue is due to a failure of the application to properly handle exceptional network requests. Specifically, Zebedee is unable to handle requests for connections that contain a zero for the requested destination port. A remote attacker may leverage this issue to crash the affected application, denying service to legitimate users.
The Linux kernel is prone to a denial-of-service vulnerability. The kernel is affected by a memory leak, which eventually can result in a denial of service. A local attacker can exploit this vulnerability by making repeated reads to the '/proc/scsi/sg/devices' file, which will exhaust kernel memory and lead to a denial of service.
MyBulletinBoard is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
Input passed to various scripts in aMember is not sufficiently sanitized, allowing an attacker to host arbitrary malicious code in a file at an attacker-controlled site and include the file using a URI parameter. This issue may be leveraged to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process.
wiclear v0.10 is prone to a remote file inclusion vulnerability. An attacker can exploit this vulnerability by sending a malicious URL to the vulnerable application. The URL references a malicious file hosted on a remote server. When the vulnerable application receives the URL, it will execute the file.