The vulnerability only triggers when certain power management programs are not running; in particular, kded4 and the programs in the $PMS variable must not be running for this to be exploitable. It is possible for another user on the local system to gain the privileges of the user who has the currently focused display running. The problem here is that the output of cat /proc/$(pidof kded4)/environ is controllable by the user who has the active display.
DoceboLMS is a SCORM-compliant Open Source Cloud E-Learning platform used in corporate, government and education markets. The application allows a superadministrator to inject and execute arbitrary SQL into the backend database via an insert statement. Additionally, the application allows a low-privileged attacker (student or higher) to upload/inject PHP code by creating a message attachment and sending it to a nonexistent user.
This exploit triggers a denial of service vulnerability in Free Opener by creating a file with a large amount of data. When the script is opened with Free Opener, the program crashes.
A vulnerability exists in SePortal 2.5 which allows an attacker to inject malicious SQL queries into the 'redirect.php' script. This can be exploited to gain access to sensitive information from the database.
This is a reverse engineered version of the exploit for CVE-2011-3192 made by ev1lut10n. It is a denial of service exploit which uses the ptrace() system call to detect if the process is being traced. If it is, it will exit with a segmentation fault. The exploit also uses the getaddrinfo() function to connect to the target host and send a GET request to the server. This will cause the server to crash.
CyberLink products contain built-in project files with their own format and extension. Such a file usually contains a recently modified project or work. Most of these file types contain sections such as 'File src=' and 'File name='. These sections are filled with a source path or filename, which leads to command execution because the address of the SE Handler is overwritten with 0x00410041.
This vulnerability affects /index.php, where an attacker can inject malicious SQL code into the 'filter_order' parameter of the /index.php?option=com_qcontacts?=catid=0&filter_order=[SQLi]&filter_order_Dir=&option=com_qcontacts URL.
SantriaCMS is vulnerable to SQL injection. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable application. This can be done by sending malicious input to the 'idArtikel' parameter of the 'view.php' page. This can allow an attacker to gain access to the database and execute arbitrary SQL commands.
SourceBans is a free global administration and banning system for Source engine based servers. SQL Injection can be exploited by appending ' to the URL which will result in an SQL error. LFI Injection can be exploited by authenticating as root administrator or as somebody who is able to change the SourceBans theme and appending '../../../../../../../../../../etc/passwd%00' to the URL. There is also a possibility to get a shell by adding 'GIF89a' at the very beginning of the shell, renaming it to h4x0rz.gif and uploading it as an icon in the admin panel.
SMF <= 2.0.1 is vulnerable to SQL injection due to the developers not understanding the previous advisory and fixing it in a way that created a conflict between two different filters. This exploit was written for version 1.1.5 and updated to 1.1.11 and is likely to work on all versions up to 2.0.1. The hash calculated under PHP4 seems to be wrong, however, so the correct hash for the Zend_Hash_Del_Key_Or_Index vulnerability cannot be obtained.