A SQL injection vulnerability can be used to extract arbitrary data. In some environments it may be possible to create a PHP shell.
This module exploits remote code execution vulnerabilities in dRuby by using instance_eval or syscall. It first tries to exploit instance_eval, if it fails then it tries to exploit syscall by writing the payload to a file and executing it.
A vulnerability has been discovered in the Wordpress plugin BackWPup 1.6.1 which can be exploited to execute local or remote code on the web server. The Input passed to the component 'wp_xml_export.php' via the 'wpabs' variable allows the inclusion and execution of local or remote PHP files as long as a '_nonce' value is known. The '_nonce' value relies on a static constant which is not defined in the script meaning that it defaults to the value '822728c8d9'.
Honey Soft is prone to multiple SQL injection and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these issues to manipulate SQL queries, steal cookie-based authentication credentials, execute arbitrary HTML and script code in the browser of an unsuspecting user in the context of the affected site, and to access or modify data.
A local file inclusion vulnerability in Web Edition 6.1.0.2 can be exploited to include arbitrary files. A reflected cross-site scripting vulnerability in Web Edition 6.1.0.2 can be exploited to execute arbitrary JavaScript.
A directory traversal vulnerability in wodWebServer.NET 1.3.3 can be exploited to read files outside of the web root. Exploits include ..%5C/..%2F/..%2E/../..//.../..../
Injection in the Username field of the admin/index.php page and Cross Site Scripting in the admin/application/plugins/scaffold/index.php page.
Family Connections is an open source content management system. It makes creating a private, family website easy and fun. FCMS suffers from a stored XSS vulnerability (post-auth) in messageboard.php script thru the 'subject' post parameter. XML Inj. lies in the /inc/getChat.php script with 'users' get parameter with no args, and post parameter 'message'.
This module exploits VLC media player when handling a .AMV file. By flipping the 0x41st byte in the file format (video width/height), VLC crashes due to an invalid pointer, which allows remote attackers to gain arbitrary code execution.
Avaya IP Office Manager is the management console for Avaya IP Office phone systems. There is a built in TFTP server that is used to update the firmware on phones. The TFTP service is loaded when the admin console is opened. An attacker can send a crafted packet with 2000 A characters to the TFTP server, which will cause the server to crash.
Services By CQR