A vulnerability in WordPress Plugin Download Manager 0.2 allows remote attackers to upload arbitrary files via a direct request to upload.php. This can be exploited to execute arbitrary PHP code by uploading a file with a double extension such as .php.jpg, which can then be accessed via a direct request to the file in the upload directory.
A remote file inclusion vulnerability exists in i-base version 2.03 and prior. An attacker can exploit this vulnerability to include arbitrary files from a remote location and execute arbitrary code on the vulnerable system. The vulnerable parameter is 'filename' in the 'download.php' script.
This script exploit the flaw discovered by Dan Kaminsky which allows an attacker to insert a dummy record in the vulnerable DNS server by guessing the transaction ID. It also inserts Authority record for a valid record of the target domain.
This exploit targets a fairly ubiquitous flaw in DNS implementations which allow the insertion of malicious DNS records into the cache of the target nameserver. This exploit caches a single malicious nameserver entry into the target nameserver which replaces the legitimate nameservers for the target domain. By causing the target nameserver to query for random hostnames at the target domain, the attacker can spoof a response to the target server including an answer for the query, an authority server record, and an additional record for that server, causing target nameserver to insert the additional record into the cache. This insertion completely replaces the original nameserver records for the target domain.
IntelliTamper 2.0.7 is vulnerable to a remote buffer overflow vulnerability. This vulnerability is caused by a lack of proper bounds checking when parsing HTML files. An attacker can exploit this vulnerability by sending a specially crafted HTML file to the vulnerable application. This will cause a buffer overflow, which can be used to execute arbitrary code.
A buffer overflow vulnerability exists in Minix 3.1.2a due to improper bounds checking of the tty_reply() function in trunk/src/drivers/tty/tty.c. An attacker can send a specially crafted message to the tty_reply() function, resulting in a stack-based buffer overflow. This can be exploited to execute arbitrary code with kernel privileges.
This exploit allows an attacker to inject malicious SQL commands into a vulnerable web application. The attacker can use this vulnerability to gain access to sensitive information stored in the database, such as usernames and passwords. The attacker can also use this vulnerability to modify or delete data in the database.
The YouTube Blog 0.1 script is vulnerable to multiple remote attacks. An attacker can exploit the SQL injection vulnerability to gain access to the database and extract sensitive information. An attacker can also exploit the XSS vulnerability to inject malicious JavaScript code into the application. Lastly, an attacker can exploit the RFI vulnerability to include malicious files from a remote server.
A heap overflow vulnerability exists in Microsoft Internet Explorer 7.0.5730.13. The vulnerability is caused due to a boundary error within the handling of the 'CreateTextRange()' method. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into visiting a malicious web page.
EZWebAlbum suffers from insecure cookie handling, when a admin login is successful the script creates a cookie to show the rest of the admin area the user is already logged in. The bad thing is the cookie doesn't contain any password or anything alike, therefor we can craft a admin cookie and make it look like we are logged in as a legit admin. An attacker can exploit this vulnerability by crafting a malicious cookie and gaining access to the admin area.
Services By CQR