This vulnerability allows an attacker to execute arbitrary SQL queries in the Joomla component com_doqment by injecting malicious code in the cid parameter. By exploiting this vulnerability, an attacker can access sensitive information from the Joomla database.
The Facebook application for iPhone does not properly encode special characters in the Notes detail, allowing an attacker to inject malicious code. By adding a specific script code in a note, the application freezes and becomes unresponsive.
This is a proof of concept exploit for the latest version of VirtualDJ Trial v6.0.6 'New Year Edition' for PC. The exploit code triggers a buffer overflow vulnerability in the software.
This exploit allows an attacker to create a malicious HTML file that is linked to an evil download offer. By exploiting a bug in the Internet Download Manager, the attacker can execute arbitrary code on the victim's system. The exploit uses Structured Exception Handling (SEH) and is designed to work on all Windows 2000 and Windows XP systems. The exploit has been tested on Windows XP SP1 and Windows 2000 Server SP4. The exploit code can be compiled using MS Visual C++ 6.
This exploit works against unpatched systems (MS03-039) and causes a Denial of Service on patched systems (rpc3).
This exploit is a remote heap overflow vulnerability in Mozilla Firefox version 1.0.1 or earlier. It allows an attacker to execute arbitrary code on the victim's system by exploiting a buffer overflow in the handling of GIF images. The exploit includes a shellcode that calls the system() function to launch the Windows Calculator application.
The vulnerability allows an attacker to inject SQL queries into the 'nid' parameter of the 'news_detail.php' script. By manipulating the query, an attacker can retrieve sensitive information such as login credentials from the admin table.
This exploit allows an attacker to perform a remote SQL injection attack on a Discuz website.
The e-topbiz Slide Popups 1 php script is vulnerable to SQL Injection. An attacker can bypass authentication by injecting ' or ' 1=1 in the login form.
The e-topbiz banner exchange php script is vulnerable to SQL injection. An attacker can bypass authentication by injecting SQL code in the username or password fields. The specific vulnerability allows an attacker to login as any user by using the payload 'test11 ' or ' 1=1' in the username field and any password.
Services By CQR