PHP Live Helper is an online support system written in PHP that allows the visitors of a website to interact in real time with the site owners. There are a number of issues in PHP Live Helper that allow for several different attacks such as SQL injection, variable overwriting, and remote code execution. The issues require no authentication to exploit, and users are encouraged to upgrade as soon as possible. There are a number of SQL injection issues in PHP Live Helper that give an attacker arbitrary access to database contents such as administrator credentials. An example of the vulnerable function being called can be seen in onlinestatus_html.php @ line 19. As a result, a URL like the one above can be used to enumerate the admin password for the PHP Live Helper installation.
cyberBB v. 0.6 is vulnerable to multiple remote SQL injection vulnerabilities. The first vulnerability is located in the 'show_topic.php' file with the 'id' parameter. The second vulnerability is located in the 'profile.php' file with the 'user' parameter. Both vulnerabilities require the user to be logged in and magic_quotes_gpc to be off. An attacker can exploit these vulnerabilities to gain access to the database and extract sensitive information such as usernames and passwords.
This vulnerability allows an attacker to upload a malicious file to the vulnerable website. An attacker can register on the website and then upload a malicious file in the Current Avatar section. This will allow the attacker to execute arbitrary code on the vulnerable website.
PHPBasket is vulnerable to SQL injection. Attackers can exploit this vulnerability by sending malicious SQL queries to the application. This can be done by appending malicious SQL queries to the vulnerable parameters in the URL. For example, an attacker can append the following malicious SQL query to the vulnerable parameter in the URL: '2+union+all+select+1,2,3,4,concat(use_username,char(58),use_password),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+from+pb4_users--'
This vulnerability allows an attacker to gain full control over EAX/ECX by exploiting a buffer overflow in the FTP server message response (4100 chars answer --> done).
This exploit targets a buffer overflow vulnerability in the FTP server of Windows XP. It allows an attacker to execute arbitrary code on the vulnerable system by sending a maliciously crafted FTP command. The exploit uses a jump ahead and a pop, pop, ret instruction sequence to bypass the SafeSEH protection. The exploit code is written in Perl and is tested on Windows XP SP1, SP2 and SP3.
A remote SQL injection vulnerability exists in PHP Arcade Script v4.0. An attacker can exploit this vulnerability to inject malicious SQL queries into the application, allowing them to gain access to sensitive information such as usernames and passwords. The vulnerability is due to insufficient sanitization of user-supplied input to the 'cat' parameter in the 'index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL queries to the vulnerable script. Successful exploitation of this vulnerability can result in unauthorized access to sensitive information.
Xnova is vulnerable to Remote File Inclusion due to the lack of proper sanitization of user input. The vulnerable file is includes/todofleetcontrol.php and the vulnerable line is include($ugamela_root_path . 'includes/functions/FlyingFleetHandler.'.$phpEx);. The exploit is target.com/includes/todofleetcontrol.php?ugamela_root_path=[shell]? or target.com/includes/todofleetcontrol.php?xnova_root_path=[shell]?.
EO Video v1.36 is vulnerable to a local PoC/DoS exploit. The vulnerability is caused due to a boundary error within the processing of the <Name> buffer of a *.eop playlist file. This can be exploited to cause a stack-based buffer overflow by tricking a user into opening a specially crafted *.eop playlist file. Successful exploitation may allow execution of arbitrary code.
A heap overflow vulnerability exists in VLC 0.8.6i due to an integer overflow in the demux/tta.c file. The vulnerability is caused by the lack of proper validation of user-supplied input when calculating the size of the seektable. An attacker can exploit this vulnerability by supplying a malicious TTA file, resulting in a denial of service condition.