OpenBB is vulnerable to HTML injection attacks when HTML code is replaced with BBCodes. This allows an attacker to inject arbitrary HTML code into forum messages, leading to cross-site scripting (XSS) attacks and potential theft of cookie-based authentication credentials.
Under some circumstances, it may be possible for a local user to take advantage of a buffer overflow in screen. Due to insufficient bounds checking performed by the braille module of screen, a local user can pass long strings of data to the screen program, which could result in an overflow and the overwriting of process memory. This could result in the execution of arbitrary code.
A remote attacker can manipulate the URL parameters to add or delete web polls in PVote, a web voting system written in PHP. By modifying the values of the parameters, an attacker can add a poll with a specific topic or delete an existing poll by specifying its ID.
The SunShop web store software allows attackers to embed arbitrary script code into form fields, enabling a remote attacker to perform actions as the administrative user of the shopping cart. An attacker can exploit this vulnerability by registering as a new customer and entering a specially crafted name containing script code.
Menasoft SPHEREserver .99 is vulnerable to a denial of service attack. Multiple connections to the server can be made from a single machine, exhausting available connections and denying connections to legitimate users.
The BRU backup software creates temporary files insecurely by using easily predicted temporary filenames in the /tmp/brutest.$$ format. This vulnerability allows a local user to launch a symbolic link attack, potentially leading to the overwriting of system files or elevated privileges.
The pmake program, specifically the Makefile executed by pmake, allows the user to set certain user-defined variables. One such variable is the .SHELL variable, where a format string can be supplied in the check= field. By exploiting this vulnerability, an attacker can write to an arbitrary memory address of the program, potentially overwriting the return address and executing arbitrary code with root privileges.
This module exploits a default misconfiguration flaw on Symantec Messaging Gateway. The 'support' user has a known default password, which can be used to log in to the SSH service and gain privileged access remotely.
There is a remotely exploitable buffer overflow in the Oracle TNS Listener component, which allows remote attackers to execute arbitrary code on affected hosts without requiring authentication. On Windows 2000/NT4 systems, the TNS Listener runs with 'LocalSystem' privileges, giving the attacker full control over the system. On Unix systems, exploitation of this vulnerability would provide an attacker with local access to the victim host.
The Icecast audio-streaming server does not properly sanitize user-supplied input, allowing remote attackers to cause a denial of service (crash) by adding a slash, backslash, or period to the end of a crafted URL.