The vulnerability exists due to insufficient sanitization of user-supplied input in 'fgid' parameter of 'download.php' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in application's database. This can be exploited to bypass certain security restrictions, access or modify data, or exploit various vulnerabilities in the underlying database.
Notepad++ NppFTP plugin is vulnerable to a remote heap overflow vulnerability when a malicious user sends a specially crafted LIST command. This vulnerability can be exploited by a remote attacker to execute arbitrary code on the vulnerable system.
Classified Script is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this vulnerability to manipulate SQL queries by injecting arbitrary SQL code. This may allow the attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
A Local File Inclusion (LFI) vulnerability exists in JoomTouch Joomla Component version 1.0.2. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. This can allow the attacker to include a file from a remote server that contains malicious code, which can be executed on the vulnerable server.
The POST variable in index.php?cmd=changepass is vulnerable to CSRF. An attacker can grab the header information with HTTP Live headers and replay the POST variable with the new password of the userid and logout. This allows the attacker to login with the desired user and password.
This vulnerability is a heap overflow in NSHC Papyrus software. It is triggered when a specially crafted file is opened, causing a buffer overflow. The overflow occurs when the program attempts to write data to a buffer on the heap, which is larger than the allocated size. This can lead to arbitrary code execution.
Mambo CMS 4.6.5 and lower versions are vulnerable to SQL Injection. The 'zorder' parameter was not properly sanitized upon submission to the administrator/index2.php url, which allows attacker to conduct SQL Injection attack. This could an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
A vulnerability was discovered in Videodb, which allows an attacker to determine the database contents and also if they look in the source they can see the server name, password and dbuser. This could lead to the site being taken over.
This module exploits a buffer overlow in l3codecx.ax while processing a AVI files with MPEG Layer-3 audio contents. The overflow only allows to overwrite with 0's so the three least significant bytes of EIP saved on stack are overwritten and shellcode is mapped using the .NET DLL memory technique pioneered by Alexander Sotirov and Mark Dowd.
Simple HTTPd is still affected by the bug. The executable must be compiled with -DNO_AUTH and -D_DEBUG enabled. The exploit sends a buffer of 6000 A's to the server, causing it to crash.
Services By CQR