Multiple vulnerabilities have been found in HP Data Protector that could allow a remote attacker to execute arbitrary code and lead to denial of service conditions. The vulnerabilities are triggered by sending a request to port 5555 of a host running the "data protector inet" service, part of HP Data Protector. The request has several parameters, including an opcode. By sending requests with specially crafted parameters, the different bugs can be triggered.
rgboard 4.2.1 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to the database and execute arbitrary code.
This module exploits a stack buffer overflow in Citrix Provisioning Services 5.6. By sending a specially crafted packet to the Provisioning Services server, a fixed length buffer on the stack can be overflowed and arbitrary code can be executed.
When a comment containing JavaScript is posted on a beer recipe, the script gets executed directly. This causes XSS.
This module exploits a stack-based overflow vulnerability in the handling of DXF files by Microsoft Visio 2002. Revisions prior to the release of the MS bulletin MS10-028 are vulnerable. The overflow occurs when the application is used to import a specially crafted DXF file, while parsing the HEADER section of the DXF file.
This module exploits a vulnerability found in Siemens FactoryLink 8. The vulnerability occurs when CSService.exe processes a CSMSG_ListFiles_REQ message: the user-supplied path is first converted to ANSI format (CodePage 0) and then handled by a logging routine that does not perform proper bounds checking, causing a stack-based buffer overflow that results in arbitrary code execution.
FreeAmp 2.0.7 is vulnerable to a buffer overflow vulnerability when processing specially crafted .PLS files. An attacker can exploit this vulnerability by creating a malicious .PLS file and convincing the user to open it, resulting in arbitrary code execution.
This module exploits a stack buffer overflow in Lotus Notes 8.5.2 when parsing a malformed, specially crafted LZH file. This vulnerability was discovered by binaryhouse.net.
The parameter $limits_cache_url is declared with the other parameter $_nodesforum_code_path, so an attacker can use the declared parameter to inject malicious code. The PoC is to send malicious code to the target host in the $_nodesforum_code_path parameter.
2Point Solutions (cmspages.php) is vulnerable to SQL injection, which allows an attacker to inject malicious SQL code into the vulnerable web application. The malicious code can be used to access, modify, or delete data from the database. The vulnerable URL is http://[target]/cmspages.php?id=[SQL], where [SQL] is the malicious SQL code. Demo: http://www.site.com/cmspages.php?id=-43+union+select 1,2,group_concat(FName,0x3a,password),4+from+admin--