A permanent Cross Site Scripting vulnerability was found in Hipergate 4.0.12, because the application fails to sanitize user-supplied input. Any logged-in user who is able to add a New Campaign can trigger the vulnerability.
This exploit is a buffer overflow vulnerability in the dsconfig.exe component of CA BrightStor ARCserve Backup. It allows an attacker to execute arbitrary code on the affected system.
This vulnerability allows an attacker to perform Blind Sql Injection on the Shout! Script. By modifying the 'id' parameter in the content.php URL, the attacker can execute arbitrary SQL queries and retrieve sensitive information from the database. The exploit examples provided demonstrate how to determine the version of the database server by leveraging the boolean-based blind SQL injection technique.
The CA BrightStor ARCserve Backup Agent for SQL (dbasqlr.exe) is vulnerable to a buffer overflow. An attacker could exploit this vulnerability to execute arbitrary code with the privileges of the user running the affected application.
Two crashes caused by NULL pointer dereferences have been discovered in MSIE 6.0/7.0. These issues do not affect MSIE 8.0.
This module exploits a privilege escalation vulnerability in South River Technologies WebDrive. Due to an empty security descriptor, a local attacker can gain elevated privileges. Tested on South River Technologies WebDrive 9.02 build 2232 on Microsoft Windows XP SP3. Vulnerability mitigation featured.
This exploit targets BusinessMail Server version 4.60.00 and causes a denial of service by sending a string of 'A' characters. The vulnerability was discovered by Reed Arvin and the exploit was coded by Kozan based on Reed Arvin's code in Perl.
This exploit is a remote denial of service (DoS) attack on the P2GChinchilla[TM] HTTP Server version 1.1.1. It creates a large buffer of 'A' characters and sends it to the server, causing it to crash or become unresponsive.
This exploit targets the Windows Live Messenger 2009 ActiveX component. It causes a heap overflow in the RichUploadControlContextData property of the component, leading to potential code execution or denial of service. The exploit is written in VBScript and sets a specially crafted value to the property.
Services By CQR