ServiceDesk Plus version 8.0 Build 8013 is prone to multiple persistent cross-site scripting vulnerabilities as the user-supplied input received via certain parameters is not properly sanitized. This can be exploited by submitting specially crafted input to the affected software. Successful exploitation could allow the attacker to execute arbitrary script code within the user's browser session in the context of the affected site.
A heap corruption vulnerability has been found in the Citrix XML Service of XenApp and XenDesktop which is installed on every server used for sharing applications. The issue can be triggered with network access to the system running the XML service. By sending a POST request to a really long non-existent extension DLL some further processing is done in the XML service. This processing leads to a heap corruption which can be used to execute arbitrary code on the server running the XML service.
A stack-based buffer overflow has been found in the Citrix XML Service of XenApp and XenDesktop which is installed on every server used for sharing applications. Successful exploitation allows arbitrary code execution on the server running the XML service. The issue can be exploited with network access to the XML service interface. But exploitation can also be performed with unauthenticated access to the Citrix web frontend which is exposed to the Internet in many cases. The overflow occurs when the length of the 'ClientName' property is greater than the size of the stack buffer.
MyWebServer v1.0.3 is vulnerable to a file download vulnerability. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable server. This will allow the attacker to download any file from the server, including sensitive files such as configuration files, source code, etc.
MyWebServer v1.0.3 is vulnerable to a Denial of Service attack. An attacker can send a crafted UDP packet with a large number of 'A' characters to the server, causing it to crash. This vulnerability affects Windows 7 (home premium) and Windows XP SP2 EN.
A vulnerability was discovered by Rocco Calvi and Steve Seeley which identifies unauthenticated time-based blind SQL injection in the 'page' variable of the virtuemart component. This vulnerability allows an attacker to gain information from the database with specially crafted URLs taking advantage of the MySQL benchmark. This issue was patched in version 1.1.7a.
MinaliC Webserver v2.0 is vulnerable to remote source disclosure. An attacker can access the source code of the web application by sending a request to the web server with the file path of the source code. This can be done by appending '%20' or '.../' to the end of the URL.
A Cross-Site Request Forgery (CSRF) vulnerability exists in Samba Web Administration Tool (SWAT) versions 3.0.x - 3.5.9 (inclusive). An attacker can exploit this vulnerability by sending a malicious request to the vulnerable server. This can be done by embedding a malicious HTML form in a web page, or by sending a malicious link via email or other methods. The malicious request will be executed on the vulnerable server, allowing the attacker to perform arbitrary actions with the privileges of the SWAT user.
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
The input passed to the code parameter is not sanitized and is passed to the popen() function. This allows remote command execution and also exposes environment variables.
Windows:
http://www.site.com/php-barcode/barcode.php?code=%TMP%
Linux:
http://www.site.com/php-barcode/barcode.php?code=012$PATH$d
http://www.site.com/php-barcode/barcode.php?code=`uname%20-a`
http://www.site.com/php-barcode/barcode.php?code=`tail%20-1%20/etc/passwd`