SetSeed CMS is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements to the vulnerable script using the cookie input 'loggedInUser', which could allow the attacker to view, add, modify or delete information in the back-end database.
This proof-of-concept (PoC) creates a .oce file that can be used to exploit a stack-based buffer overflow vulnerability in Hyperion Interactive Reporting Studio, which is part of the Oracle Hyperion Suite. When the file is clicked, a login box appears followed by an error message, leading to a crash.
The vulnerability allows an attacker to cause a denial of service condition in Google Chrome. However, no way to exploit the vulnerability has been found.
This exploit allows an attacker to execute arbitrary code on a system running UnrealIRCd. By adding a malicious entry to the unrealircd.conf file, an attacker can trigger a stack overflow and gain control of the target system.
This script is riddled with unsanitized REQUEST variables that allow multiple SQL injections. The PoC shows an example of an SQL injection attack. The vulnerable code is shown on line 150 of the discussion.php file.
This exploit takes advantage of a vulnerability in the member_menu_queries.php file of the Dolphin software version 7.0.7 or below. By manipulating the 'bubbles' parameter in the URL, an attacker can inject arbitrary PHP code into the server.
The Mozilla Firefox browser is vulnerable to an integer overflow in the Array.reduceRight() function. This vulnerability allows an attacker to bypass DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization) protections using a Java MSVCR71 sayonara ROP chain. The exploit has been tested on Windows 7 Ultimate with Firefox versions 3.6.16 and 3.6.17.
The exploit allows an attacker to perform SQL injection by modifying the POST request to the userbarsettings.php file.
MyBB is a popular open source PHP forum software. Version 1.6.4 contained an unauthorized backdoor, distributed as part of the vendor's source package.
This module exploits an arbitrary command execution vulnerability in the nmap.php and nbtscan.php scripts.