A path disclosure vulnerability in bitweaver 2.8 allows an attacker to view the directory structure of the web server. This vulnerability can be exploited by sending a specially crafted HTTP request to the vulnerable server. The PoC provided in the text can be used to exploit this vulnerability.
A SQL injection vulnerability exists in Quicktech, which allows an attacker to execute arbitrary SQL commands on the underlying database. This can be exploited to manipulate data, disclose sensitive information, or gain access to the system. Affected versions include all versions of Quicktech.
SQL injection in file News.php?id=: http://xxx.com/news.php?id=[Sql]. Live: http://www.site.com/news.php?id=157[sql commands]
A divide-by-zero error occurs in tcp_select_initial_window when processing a user-supplied TCP_MAXSEG value, facilitating a local denial-of-service condition (kernel oops!) across the Linux kernel 2.6.x branch (2.6.37 and below). This issue can be triggered easily with a call to setsockopt() on a listening network socket and then establishing a TCP connection to the awaiting socket.
This module exploits a stack overflow in PeerCast <= v0.1216. The vulnerability is caused by a boundary error within the handling of URL parameters.
An attacker can send a malicious RETR command to the vulnerable FTP server, such as 'RETR ../../../../boot.ini', to traverse the directory and access sensitive files outside the web root directory.
An attacker can exploit this vulnerability by sending a crafted SQL query to the vulnerable page.php script. The attacker can use the 'pID' parameter to inject malicious SQL code into the query. This can allow the attacker to gain access to sensitive information from the database, such as user credentials and other confidential data.
An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable application. This can be done by appending malicious SQL queries to the vulnerable parameter in the URL. For example, www.site.com/page.php?pid=null[Sql] and www.site.com/archives.php?pid=null[Sql]. An attacker can also use the UNION operator to retrieve data from the database. For example, www.site.com/page.php?pid=null+and+1=2+union+select+concat(username,0x3a,psword)+from+tbladmin_users and www.site.com/archives.php?pid=null+and+1=2+union+select+1,2,3,concat(username,0x3a,psword),5,6,7,8,9,10,11+from+tbladmin_users
This exploit creates a file named DOS.cda with a length of 80000 bytes, which causes Magic Music Editor to crash when the file is opened.
The program suffers from a heap corruption vulnerability which can be exploited by malicious people to cause a denial of service and potentially compromise a vulnerable system. The vulnerability is triggered when processing a malicious PDF file, which leads to a heap corruption state resulting in a crash.