A CSRF vulnerability exists in Mevin Basic PHP Events Lister v2.03, which allows an attacker to add and delete admin users. An attacker can craft a malicious HTML page containing a form with hidden fields that, when visited by an authenticated user, will add or delete an admin user.
GlassFish is an open source application server project led by Sun Microsystems for the Java EE platform. The proprietary version is called Sun GlassFish Enterprise Server. GlassFish supports all Java EE API specifications, such as JDBC, RMI, e-mail, JMS, web services, XML, etc., and defines how to coordinate them. The log viewer fails to output-encode logged values securely. As a result, an unauthenticated attacker can trigger the application to log a malicious string by entering it into the username field. This causes the application to log the incorrect login attempt and results in a stored XSS vulnerability. By modifying the URL parameters, an unauthenticated attacker can trigger the application to output a malicious string. This causes the application to output the malicious code and results in a reflected XSS vulnerability.
A malformed Kerio-generated calendar invitation can cause a DoS in the Lotus Domino SMTP router, email server and client. The invitation must be sent as MIME type text/calendar with a filename.ics. The vulnerability affects versions 8.5.3 and very likely all 7.x and 8.x.
This module exploits a FreeFloat FTP Server Buffer Overflow found in the REST command.
This exploit is for FreeFloat FTP Server version 1.00. It is a buffer overflow exploit that sends a malicious payload to the server via the REST and PASV commands. The payload is designed to execute shellcode that opens the calculator application. The exploit was tested on Windows XP SP3 Brazilian Portuguese.
The vulnerability exists in the gdiplus!GpPath::CreateDashedPath function of gdiplus.dll, which is responsible for bitmap drawing and other 2D graphics rendering. EMF+ is one of the image file formats rendered by the library, and the vulnerability is based on a floating-point calculation on an EMF+ path object. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the vulnerable application or cause denial-of-service conditions.
The GenBroker service on port 38080 is affected by three integer overflow vulnerabilities while handling opcode 0x4b0, which are caused by abusing the memory allocations needed for the number of elements passed by the client. This results in unexpected behaviors such as direct registry calls, memory location calls, or arbitrary remote code execution. Please note that in order to ensure reliability, this exploit will try to open calc (hidden), inject itself into the process, and then open up a shell session. Also, DEP bypass is supported.
This module exploits a buffer overflow vulnerability found in the MKD command in the FreeFloat FTP server.
FreeFloat FTP Server is vulnerable to a buffer overflow attack when a MKD command is sent with an overly long argument. This can be exploited to execute arbitrary code by sending a specially crafted MKD command.
This module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.0 and 7.53. By sending a CGI request with a specially crafted OvOSLocale cookie to Toolbar.exe, an attacker may be able to execute arbitrary code. Please note that this module only works against a specific build (i.e. NNM 7.53_01195).