The WordPress Paid Downloads plugin version 2.01 is vulnerable to SQL injection. The flaw is due to the lack of proper sanitization of user-supplied input in the download_key parameter of the download.php script. An attacker can exploit it to inject and execute arbitrary SQL commands in the application's backend database. This may allow the attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
This vulnerability allows any user who can execute unprivileged code to BSoD the server with about three lines of C. The exploit involves closing stdout and stderr, and reading from stdin. This causes a null pointer dereference in CSRSS.
This exploit is a proof of concept for a remote code execution vulnerability in Crush FTP 5. The vulnerability is triggered by sending a specially crafted 'APPE' command with 9000 bytes of data. This causes a buffer overflow, which leads to a Blue Screen of Death (BSOD) on the target system.
A SQL injection vulnerability exists in WordPress SCORM Cloud plugin version 1.0.6.6 and earlier. The vulnerability is due to insufficient sanitization of user-supplied input in the 'inviteid' parameter of the 'ajax.php' script. An attacker can exploit this vulnerability to inject and execute arbitrary SQL commands in the application's back-end database.
PlaySMS version 0.9.5.2 is vulnerable to Remote File Inclusion (RFI). The vulnerability affects files such as web/plugin/themes/default/page_forgot.php, web/plugin/themes/default/page_login.php, web/plugin/themes/default/page_noaccess.php, web/plugin/themes/default/page_register.php, web/plugin/themes/km2/page_noaccess.php, web/plugin/themes/work2/page_forgot.php, web/plugin/themes/work2/page_login.php, web/plugin/themes/work2/page_noaccess.php, web/plugin/themes/work2/page_register.php. An attacker can exploit this vulnerability by sending a malicious URL to the victim. The malicious URL contains the RFI payload, which can be used to execute arbitrary code on the vulnerable system.
A SQL injection vulnerability exists in WordPress post highlights plugin version 2.2 and earlier. The vulnerability is due to insufficient sanitization of user-supplied input in the 'id' parameter of the 'ph_settings.php' script. An attacker can exploit this vulnerability to inject and execute arbitrary SQL commands in the application's back-end database.
Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures. The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call. The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory.
Blind SQL injection can be performed through the command input. An example of the exploit is index.php?action=sendto&newsid=1' and '2'='2, which can be tested using the PoC http://server/index.php?action=sendto&newsid=1%27%20and%20%272%27=%272.
Elite Gaming Ladders v3.6 suffers from a remote SQL injection vulnerability.
This exploit targets a local stack overflow vulnerability in World of Warcraft. It is triggered by creating a chat-cache.txt file with a large amount of data, which causes a stack overflow error when the game is launched. The result is a denial of service (DoS).