This module exploits an authentication bypass vulnerability in RealVNC Server versions 4.1.0 and 4.1.1. It sets up a proxy listener on LPORT and proxies to the target server. The AUTOVNC option requires that vncviewer be installed on the attacking machine. This option should be disabled for Pro.
Groovy Media Player version 2.6.0 is vulnerable to a local buffer overflow. By creating a specially crafted .m3u file with 223 A's, an attacker can cause a buffer overflow and crash the application.
The vulnerability exists due to insufficient validation of the 'lista' parameter in the '/wp-content/plugins/sendit/submit.php' script. A remote attacker can send a specially crafted HTTP POST request to the vulnerable script and execute arbitrary SQL commands in the application's database. This can be exploited to bypass certain security restrictions, access, modify and delete data in the database, etc.
This exploit allows an attacker to add an admin user to the Help Request System 1.1g application by submitting a maliciously crafted form. The form contains fields for the user's name, login name, and password, as well as a hidden field for the user's level. By setting the user's level to 0, the attacker can create an admin user.
The application suffers from multiple stored XSS vulnerabilities. Input passed through several parameters is not sanitized, allowing an attacker to execute HTML code in a user's browser session on the affected site. A couple of HTTP header elements are also vulnerable to XSS.
This vulnerability allows remote code execution in Adobe Photoshop CS5 (12.0 and 12.1). The vulnerability is caused by a boundary error within the processing of GIF images. This can be exploited to cause a stack-based buffer overflow by tricking a user into opening a specially crafted GIF image.
The vulnerability exists due to insufficient filtration of user-supplied input in multiple parameters in multiple scripts. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in the application's database. This can allow the attacker to steal or modify sensitive data, exploit vulnerable versions of SQL Server, bypass authentication and gain access to the administrator's account, etc.
SQL injection is possible via the command input. An example of this is index.php?keyword=<SQL Injection Code>&mod=search&submit=GO. A demo of this exploit can be seen at http://site.com/dv10dis/index.php?keyword=%271&mod=search&submit=GO.
SQL injection is possible via the command input. An example of this is searchresults.php?ord1='1&ord2=asc&search1=&SearchTerm=&where=ItemName. A demo of this exploit can be seen at http://site.com/bonzacart/searchresults.php?ord1='1&ord2=asc&search1=&SearchTerm=&where=ItemName.
A SQL injection vulnerability exists in Web Solutions Wcs2u, which allows an attacker to execute arbitrary SQL commands on the underlying database. The vulnerability is due to insufficient input validation when handling user-supplied input. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable application. Successful exploitation of this vulnerability could result in unauthorized access to sensitive information, or the execution of arbitrary SQL commands on the underlying database.