xine-lib <= 1.1.12 is prone to a stack-based buffer overflow in the NES Sound Format demuxer(demux_nsf.c). The vulnerability is caused due to a boundary error within the open_nsf_file() and demux_nsf_send_chunk() functions when handling a specially crafted NSF file. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a malicious NSF file. A proof-of-concept exploit is available.
A vulnerability exists in XplodPHP that allows an attacker to inject malicious SQL queries into the application. This can be exploited to gain access to sensitive information such as usernames and passwords, or to modify data in the database.
Carbon Communities is a high powered, fully scalable, and highly customizable online portal, message boards/ bulletin board, discussion hub, Private messaging, Event Calendars, Emails and chat software rolled into one. There is a SQL Injection in 'events.asp?id=[Injection]', 'getpassword.asp' and 'option_Update.asp'. By using it, attacker can gain usernames and passwords, send any password to his/her email address and update member info. There are some XSS in 'login.asp' and 'member_send.asp'.
A buffer overflow vulnerability was discovered in BS.player 2.27 Build 959. An attacker can exploit this vulnerability by renaming a movie.srt file with the name of the movie they like, which will cause a buffer overflow and allow the attacker to execute arbitrary code.
Lasernet CMS v1.5 is vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability to gain access to the database and execute arbitrary SQL commands. The vulnerable parameter is 'new' which is passed to the 'index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL statements.
When parsing a subtitle file with an overly long subtitle DIVX player will deadly crash with eip overwritten. A perl script is used to create a .srt file with a payload of 4096 'A's.
BigAnt Server Ver 2.2 is vulnerable to a pre-authentication remote SEH overflow. The vulnerable process is AntServer.exe and the offset for SEH overwrite is 954 Bytes. An attacker can exploit this vulnerability by sending a specially crafted packet to the server, which will cause the SEH to be overwritten and allow arbitrary code execution.
Classifieds Caffe is prone to a remote SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to manipulate SQL queries by injecting arbitrary SQL code. This may allow the attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable application. The crafted request contains a malicious SQL query in the 'poll_id' parameter of the 'index.php?p=poll&showresult=1' URL. This can allow an attacker to access sensitive information from the database.
Koobi CMS versions 4.3.0, 4.2.5, and 4.2.4 are vulnerable to multiple remote SQL injection attacks. An attacker can exploit this vulnerability to gain access to the admin data, such as email and password, by sending a malicious SQL query to the vulnerable parameter. The vulnerable parameters are 'galid' in the 'gallery' module, 'categ' in the 'links' and 'downloads' modules.