This vulnerability is a DoS vulnerability that can be exploited by an attacker to cause an access violation exception in the target system. The vulnerability is caused by a flaw in the target object's ShowDlg function, which can be triggered by passing a specially crafted argument. This results in a memory read attempt at the address 0x00000020, leading to an access violation exception (0xC0000005).
This vulnerability allows an attacker to disclose the database of J.A.G (Just Another Guestbook) version 1.14. By accessing the URL http://site.com/path/jag/database.sql, the attacker can retrieve the database contents.
The vulnerability is in the field "title" scenario "calendar.php". An attacker can inject malicious JavaScript code into the title field of a calendar event, which will be executed when the event is viewed. This allows the attacker to steal the victim's cookies.
This is a proof of concept exploit for a local buffer overflow vulnerability in Radasm .rap file. The vulnerability is present in the filename field.
A vulnerability has been discovered in osTicket, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "input" parameter to ajax.php is not properly sanitized before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.6 RC5. Other versions may also be affected.
This exploit targets the feedDemon opml file and causes a buffer overflow.
This exploit causes a denial of service (DoS) by crashing the httpdx v1.5.2 server. It sends a specially crafted buffer to the server, causing it to crash.
The exploit allows an attacker to perform blind SQL injection in the Joomla component com_photoblog. It can be exploited through the URLs www.site.com/detail.php?id=[Blind SQL INJECTION] and www.site.com/index.php?option=com_photoblog&view=images&category=1&celebs&blog=1+and substring(@@version,1,1)=5.
No description provided.
The MASA2EL Music City software is vulnerable to a remote SQL injection attack. An attacker can exploit this vulnerability by injecting malicious SQL queries into the 'id' parameter of the index.php file. This can lead to unauthorized access to the database and retrieval of sensitive information, such as usernames and passwords.
Services By CQR