This exploit allows an attacker to inject malicious SQL queries into the vulnerable application. The vulnerable parameter is the 'catid' parameter in the 'index.php?option=com_marketplace&page=show_category&catid=(SQL)' URL. An example of the malicious SQL query is '-1+union+select+concat(username,0x3a,password),2,3+from+jos_users/*'.
wp-content/plugins/st_newsletter/shiftthis-preview.php?newsletter=-1/**/UNION/**/SELECT/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/FROM/**/wp_users
This exploit is related to the Yahoo! JukeBox MediaGrid ActiveX Control mediagrid.dll AddBitmap() Buffer Overflow vulnerability. This vulnerability allows an attacker to execute arbitrary code on the vulnerable system. The exploit was tested on Windows XP SP2 (fully patched) English, IE6, mediagrid.dll version 2.2.2.56.
This exploit is related to the Yahoo! JukeBox datagrid.dll AddButton() Buffer Overflow vulnerability. It was discovered by Krystian Kloskowski (h07@interia.pl) and tested on Windows XP SP2 (fully patched) English, IE6, datagrid.dll version 2.2.2.56. It was inspired by http://milw0rm.com/exploits/5046.
A-Blog V.2 is vulnerable to multiple remote vulnerabilities, including SQL Injection and XSS. An attacker can exploit these vulnerabilities to gain access to sensitive information such as usernames and passwords, as well as execute malicious code on the vulnerable system.
A buffer overflow vulnerability exists in Facebook PhotoUploader, which is an ActiveX control used by Facebook to upload photos. The vulnerability is caused by a boundary error when handling a specially crafted HTML page. This can be exploited to cause a stack-based buffer overflow via an overly long, specially crafted argument passed to the vulnerable ActiveX control. Successful exploitation may allow execution of arbitrary code.
This exploit targets a buffer overflow vulnerability in the Yahoo! Music Jukebox 2.2 AddImage() ActiveX control. The exploit is written in JavaScript and uses unescape() to create shellcode of 0x1000 bytes. The shellcode is then appended to a block of NOPs and stored in an array in memory. The array is then used to create a buffer which is passed to the AddImage() function, resulting in the execution of the shellcode.
Joomla Component mosDirectory 2.3.2 is vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability by sending a specially crafted SQL query to the vulnerable parameter 'catid' in the 'index.php' page. This can allow the attacker to gain access to the database and execute arbitrary SQL commands.
Apache Struts 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 is susceptible to remote command injection attacks. The Jakarta Multipart parser has incorrect exception handling and error-message generation during file upload attempts, which can allow an attacker to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header. This was exploited in March 2017 with a Content-Type header containing a #cmd= string.
A buffer overflow vulnerability exists in Sejoong Namo ActiveSquare6 NamoInstaller.dll. By sending a specially crafted request to the vulnerable application, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the vulnerable application.