This module exploits a vulnerability in the Java Runtime Environment that allows an attacker to escape the Java Sandbox. By supplying a codebase that points at a trusted directory and a code that is a URL that does not contain any dots, an applet can run without the sandbox. The vulnerability affects version 6 prior to update 24.
A persistent cross-site scripting vulnerability in b2evolution 4.0.3 can be exploited to execute arbitrary JavaScript. Data submitted to the 'Comment text' input of the blog comment form is not properly sanitized. As a result, JavaScript can be executed throughout the application (admin dashboard, admin comment full text view, possibly other pages).
A persistent/reflected cross-site scripting vulnerability in WikiWig 5.01 can be exploited to execute arbitrary JavaScript. Reflected: http://localhost/wikiwig5.01/_wk/Xinha/plugins/SpellChecker/spell-check-savedicts.php?to_r_list=%3Cscript%3Ealert(0)%3C%2fscript%3E Persistent: Create a user account. Edit any page and add script tags. <script>alert(0)</script>
AVIPreview 0.26 Alpha is vulnerable to a denial of service attack. The application reads memory via a null pointer, causing an Access Violation Exception. An attacker can force something malicious to the ECX register (.data is RW) and gain code execution. To exploit this vulnerability, an attacker must generate a malicious AVI file, open it in AVIPreview, select 'No' when the MessageBox with an error appears, navigate to the File menu and pick the recent file (which points to the malicious AVI file). This will cause the application to crash.
The vulnerability exists due to failure in the 'core/model/UsersModel.php' script to properly verify the source of the HTTP request. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, disclosure or modification of sensitive data. A user can execute arbitrary JavaScript code within the vulnerable application. The vulnerability exists due to failure in the 'modules/Menu/MenuModuleAdmin.php' script to properly sanitize user-supplied input in the 'title' variable. Successful exploitation of this vulnerability can result in session hijacking, non-persistent phishing attacks, malicious redirects, etc.
If-CMS 2.07 is vulnerable to a pre-authentication local file inclusion vulnerability. This vulnerability allows an attacker to execute arbitrary code on the vulnerable server. The exploit involves sending a specially crafted HTTP request to the vulnerable server, which contains a malicious payload that is then executed on the server. The malicious payload is encoded in base64 and is sent as a parameter in the HTTP request. The exploit is successful if the server is configured with the PHP setting 'gpc_magic_quotes' set to 'Off'.
A vulnerability in Opera 11.01 allows an attacker to cause a null pointer dereference by creating an element in a window and then closing it, followed by cloning the document. This can lead to a denial of service or potentially allow arbitrary code execution.
This module exploits an unsafe JavaScript API implemented in Foxit PDF Reader version 4.2. The createDataObject() JavaScript API function allows for writing arbitrary files to the file system. This issue was fixed in version 4.3.1.0218.
ABBS Electronic Flash Cards version 2.1 is vulnerable to a buffer overflow attack. By opening the application, going to test, clicking on random, and starting the test, then choosing the fcd file, a malicious user can trigger a buffer overflow and execute arbitrary code. This exploit was tested on Windows XP SP3 French.
A buffer overflow vulnerability exists in ABBS Audio Media Player 3.0, which could allow an attacker to execute arbitrary code on the vulnerable system. The vulnerability is due to a boundary error when handling a specially crafted .lst file. An attacker can exploit this vulnerability to execute arbitrary code on the vulnerable system by enticing a user to open a specially crafted .lst file.