A vulnerability in the runpriv command of the IBM AIX operating system allows local users to gain root privileges. The vulnerability is due to the runpriv command not properly dropping privileges when executing a command. This allows a local user to execute a command as root. The vulnerability is present in AIX 5.2 and 5.3.
A vulnerability exists in guestbook script version 1.7 and below, which allows an attacker to inject malicious code into log files and execute it remotely. This is due to the lack of proper input validation in the include_content() function, which allows an attacker to include code from local and remote resources. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable server.
This exploit allows an attacker to send a malicious request to the vulnerable server, causing it to crash and deny service to legitimate users. The vulnerability exists due to insufficient input validation in the application. An attacker can exploit this vulnerability by sending a specially crafted request to the vulnerable server.
This exploit allows an attacker to execute arbitrary commands on the vulnerable Light Weight Calendar application. The attacker can send a malicious HTTP request to the vulnerable application with a crafted payload in the 'hx' parameter of the 'index.php' page. This payload will be executed on the server side.
This exploit is used to gain access to the administrator's password of the Redblog 0.5 application. The exploit is based on a Cross-Site Scripting (XSS) vulnerability in the application's RSS feed. The exploit uses the cURL library to send a malicious request to the application's RSS feed, which then returns the administrator's password in the response.
Vulnserver.exe v1.00 is vulnerable to a remote buffer-overflow exploit. The attack is triggered by sending a maliciously crafted TRUN command to the vulnerable server.
A remote code execution vulnerability exists in Perl due to improper input validation. An attacker can exploit this vulnerability by sending malicious input to the application. This can allow the attacker to execute arbitrary code on the vulnerable system. This vulnerability affects versions of Perl prior to 5.30.1.
A buffer overflow vulnerability exists in the Enet library due to improper bounds checking when handling user-supplied data. An attacker can exploit this vulnerability by sending a specially crafted packet to the vulnerable application, resulting in a denial of service or potentially arbitrary code execution.
A buffer overflow vulnerability exists in the timeout() function of Luigi Auriemma's tool <= 0.1. An attacker can exploit this vulnerability to cause a denial of service condition. The vulnerability is caused by an error in the handling of the timeout parameter in the timeout() function. By sending a specially crafted packet, an attacker can cause a buffer overflow, resulting in a denial of service condition.
A buffer overflow vulnerability exists in the Windows Sockets library <= v1.1 (WINSOCK.DLL) which can be exploited by sending a specially crafted packet to the affected system. Successful exploitation may allow an attacker to execute arbitrary code on the target system.