This module exploits a malicious backdoor that was added to the VSFTPD download archive. This backdoor was introdcued into the vsftpd-2.3.4.tar.gz archive between June 30th 2011 and July 1st 2011 according to the most recent information available. This backdoor was removed on July 3rd 2011.
This module exploits a vulnerability found in HP Data Protector's OmniInet process. By supplying a long string of data as the file path with opcode '20', a buffer overflow can occur when this data is being written on the stack where no proper bounds checking is done beforehand, which results arbitrary code execution under the context of SYSTEM. This module is also made against systems such as Windows Server 2003 or Windows Server 2008 that have DEP and/or ASLR enabled by default.
This module exploits a stack-based buffer overflow in Word Builder 1.0. An attacker must send the file to the victim and the victim must open the file.
Adobe Reader 5.1 is vulnerable to a buffer overflow vulnerability when processing a specially crafted XFDF file. An attacker can exploit this vulnerability to execute arbitrary code in the context of the user running the vulnerable application. This vulnerability is due to a boundary error when processing the XFDF file. By supplying a specially crafted XFDF file, an attacker can cause a stack-based buffer overflow, which can be exploited to execute arbitrary code.
WeBid <= 1.0.2 is vulnerable to arbitrary PHP code injection due to improper sanitization of user input in the converter.inc.php file. This can be exploited by an attacker to inject and execute arbitrary PHP code in the context of the webserver process.
Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket.
PhpFood CMS is vulnerable to SQL Injection. An attacker can exploit this vulnerability to gain access to sensitive information stored in the database. The vulnerable parameter is 'id' which is passed to the 'restaurant.php' script. An attacker can inject malicious SQL queries in the 'id' parameter to gain access to sensitive information stored in the database.
A SQL injection vulnerability exists in DmxReady Links Manager v1.2. An attacker can send a specially crafted HTTP request to the update.asp page with a malicious SQL statement in the ItemID parameter, which can be used to extract data from the database or execute administrative operations on the system.
A SQL injection vulnerability exists in DMXReady Account List Manager v1.2. An attacker can send a specially crafted HTTP request to the update.asp page with a malicious AccountID parameter to execute arbitrary SQL commands.
A vulnerability exists in DmxReady Document Library Manager v1.2, which allows an attacker to inject arbitrary SQL commands via the 'ItemID' parameter in the 'update.asp' script.
Services By CQR