Explore Vulnerabilities

Explore all Exploits:

0-day RCPT TO DoS Exploit for QK SMTP version 3.01 and lower

This exploit targets a format string error in the RCPT TO command, in which the program attempts to print the string back to the application's console screen. This PoC code could possibly be rewritten to allow buffer overflow and execution of code.

Zebedee Remote Denial of Service Vulnerability

A remote denial of service vulnerability affects Zebedee. This issue is due to a failure of the application to properly handle exceptional network requests. Specifically, Zebedee is unable to handle requests for connections that contain a zero for the requested destination port. A remote attacker may leverage this issue to crash the affected application, denying service to legitimate users.

Linux Kernel Denial of Service Vulnerability

The Linux kernel is prone to a denial-of-service vulnerability. The kernel is affected by a memory leak, which eventually can result in a denial of service. A local attacker can exploit this vulnerability by making repeated reads to the '/proc/scsi/sg/devices' file, which will exhaust kernel memory and lead to a denial of service.

MyBulletinBoard SQL Injection Vulnerability

MyBulletinBoard is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

aMember Remote File Include Vulnerability

Input passed to various scripts in aMember is not sufficiently sanitized, allowing an attacker to host arbitrary malicious code in a file at an attacker-controlled site and include the file using a URI parameter. This issue may be leveraged to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process.

wiclear v0.10 Remote File Inclusion Vulnerability

wiclear v0.10 is vulnerable to remote file inclusion. An attacker can exploit this vulnerability by sending a malicious URL to the vulnerable application. The malicious URL references a malicious file hosted on a remote server. When the vulnerable application receives the malicious URL, it will execute the malicious file.

WEB//NEWS Multiple SQL Injection Vulnerabilities

WEB//NEWS is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

WEB//NEWS SQL Injection Vulnerability

WEB//NEWS is prone to multiple SQL injection vulnerabilities due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. An attacker can exploit this vulnerability by supplying malicious input to the 'modules/startup.php' script, which can result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

Cisco IOS Firewall Authentication Proxy Buffer Overflow

Cisco IOS Firewall Authentication Proxy is prone to a buffer overflow condition when a malicious user sends a specially crafted FTP or Telnet request with a username of more than 50 characters. This can cause a denial of service or potential execution of arbitrary code.

phpCommunityCalendar Multiple Remote Cross-Site Scripting Vulnerabilities

phpCommunityCalendar is prone to multiple remote cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

Recent Exploits: