This exploit allows an attacker to execute arbitrary code in FreeVimager version 4.1.0 or earlier. By crafting a specially designed GIF file and opening it with FreeVimager, the attacker can trigger the vulnerability and execute malicious code on the target system.
An attacker can launch a cross-site scripting attack by exploiting a problem in the handling of certain types of input to DansGuardian. This can be done by injecting malicious code into the DENIEDURL parameter of the dansguardian.pl script.
A buffer overflow vulnerability exists in MERCUR Mailserver when handling the IMAP AUTH command. An attacker can exploit this vulnerability by submitting an overly long command, which may result in unauthorized access to a vulnerable system.
A local attacker may overflow the bounds of an insufficient reserved buffer in oracle process memory, allowing them to trigger the execution of arbitrary instructions in the context of the vulnerable binary.
The Android OS is vulnerable to a local DoS when a filename with a length of 2048 or larger is attempted to be written to the sdcard(vfat fs) multiple times. The result of successful running of the exploit code is the system restarting. The vulnerability only effects Android kernels that are in the version 2.6 family.
This vulnerability is a buffer overrun vulnerability in Microsoft Windows Messenger Service. It occurs due to insufficient bounds checking of messages before they are passed to an internal buffer. Exploitation of this vulnerability could lead to a denial of service or execution of malicious code in Local System context, potentially allowing for full system compromise.
This exploit takes advantage of a buffer overflow vulnerability in the USER command of FreeFloat FTP Server. By sending a specially crafted payload, an attacker can execute arbitrary commands on the target system. The exploit uses a combination of junk data, a return address, and a payload to achieve code execution.
PHP-Nuke is prone to a SQL injection vulnerability that may allow a remote attacker to inject malicious SQL syntax into database queries. The issue occurs within the admin.php file, specifically when authenticating to a server. The vulnerability is due to insufficient sanitization of user-supplied data. An attacker may exploit this issue to influence SQL query logic and disclose sensitive information about the underlying database to launch further attacks against a vulnerable system.
OpenOffice is prone to a remote denial of service vulnerability under certain circumstances. The issue presents itself when an attacker connects to a remote OpenOffice session and transmits malicious data to the affected software. The software will apparently fail when handling the malicious data.
This module exploits a vulnerability found in Nagios XI Network Monitor's component 'Graph Explorer'. An authenticated user can execute system commands by injecting it in several parameters, such as in visApi.php's 'host' parameter, which results in remote code execution.
Services By CQR