The WordPress Super CAPTCHA plugin version 2.2.4 is vulnerable to SQL injection. An attacker can exploit this vulnerability by sending a specially crafted request to the 'markspam' parameter in the 'admin.php' page of the plugin. This allows the attacker to execute arbitrary SQL queries on the underlying database.
The WordPress Js-appointment plugin version 1.5 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending a crafted request to the 'searchdata.php' file, which does not properly sanitize user-supplied input, resulting in SQL injection. This can lead to unauthorized access to the database and potentially allow the attacker to execute arbitrary SQL queries.
This exploit takes advantage of a SEH (Structured Exception Handling) overwrite vulnerability in multiple F-Secure products. It uses heap spray techniques to exploit the vulnerability.
The WordPress MM Duplicate plugin version 1.2 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending a crafted request to the 'duplicate' parameter in the 'index.php' file. This can lead to unauthorized access, data manipulation, or data leakage.
Symantec System Center Alert Management System is prone to a remote command-injection vulnerability because the application fails to properly sanitize user-supplied input.
This module exploits a buffer overflow in the PASV command in Solarftp 2.1.2. You must have valid credentials to trigger this vulnerability. Also, you only get one chance.
The vulnerability allows an attacker to perform SQL injection by manipulating the 'function' parameter in a POST request to the 'alter.php' file. By injecting malicious SQL code, an attacker can modify or delete data in the database.
The WordPress IP-Logger plugin version 3.0 is vulnerable to SQL Injection. By injecting a specially crafted SQL query in the 'lat' parameter, an attacker can manipulate the SQL query and retrieve sensitive information from the database.
This exploit takes advantage of a use after free vulnerability in the Mozilla mChannel object. The vulnerability was found by regenrecht and an MSF exploit was created by Rh0. A version specifically for Windows 7 was created by mr_me.
Sagem Fast Routers (3304-V1 / 3304-V2 / 3464 / 3504) come with a default preconfigured root password that the ISPs don't change. Instead, they create another admin account above it. The root password differs from a router to another, since it is computed from its MAC address. Thus, each unique router has its own password, which makes brute force or dictionary attacks inefficient or impossible. After reverse engineering the algorithm that computes the default password based on the MAC address, this exploit opens a remote shell in the remote host. (Generally its an Almquist Shell 'ash', which commands are compatible with the Bourne Shell 'bsh')
Services By CQR