Gradman <= 0.1.3 is vulnerable to a Local File Inclusion vulnerability. This vulnerability can be exploited by sending a specially crafted HTTP request to the vulnerable server. By exploiting this vulnerability, an attacker can gain access to sensitive information such as the /etc/passwd file. The vulnerable parameter is the 'tabla' parameter in the 'info.php' script.
OpenBSD 4.2 rtlabel_id2name() [SIOCGIFRTLABEL ioctl] Null Pointer Dereference local Denial of Service Exploit is a vulnerability in OpenBSD 4.2 which allows an attacker to cause a denial of service by sending a crafted SIOCGIFRTLABEL ioctl request to the kernel. This exploit was discovered by Hunger and was published in an advisory in 2008.
This exploit is a modification of axis's code and is used to exploit a buffer overflow vulnerability in Windows Message Queuing Service. It is provided for legal security research and testing purposes ONLY.
A vulnerability exists in AuraCMS 1.62, where an attacker can inject malicious code into the stat.php file in the /mod directory. This code is then stored in the online.db.txt file, which can be used to execute arbitrary code. The vulnerability is due to the lack of input validation on the HTTP_X_FORWARDED_FOR variable. To exploit this vulnerability, an attacker can send a crafted HTTP request with a malicious payload in the HTTP_X_FORWARDED_FOR variable. This payload will then be stored in the online.db.txt file, which can be used to execute arbitrary code.
The problem is a buffer-overflow which occours when you use the 'SelectedSession()' method. It seems that, during the initialization of the component, a race condition occours between threads and 4 bytes of the same component will overwrite EIP. If you patch these 4 bytes, you can control this register, using it to jump to a shellcode and execute arbitrary code on user's pc. For exploiting this vulnerability you only need to create a web page containing the CLSID and the codebase path to your crafted ActiveX.
A vulnerability exists in Mini File Host version 1.2 which allows an attacker to include local files on the server. This is done by manipulating the 'language' parameter in the 'upload.php' script. An attacker can exploit this vulnerability to include arbitrary files from the server, such as configuration files containing database credentials, or even to execute arbitrary code.
A remote SQL injection vulnerability exists in PHPEcho CMS version 2.0. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to the database and execute arbitrary SQL commands.
MyBB is a discussion board that has been around for a while; it has evolved from other bulletin boards into the forum package it is today. Two vulnerabilities were discovered in MyBB 1.2.10, one in the forumdisplay.php file and one in the search.php file. Both vulnerabilities allow for remote code execution, with the precondition that the attacker knows the valid forum 'fid' or search 'sid'. Attackers do not need to have any privileges in the MyBB installation to be successful in the attack. Proof-of-concept requests are provided in the text.
MyBB <= 1.2.10 is vulnerable to a remote code execution vulnerability. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable server. This request contains a malicious command which is executed on the vulnerable server. This vulnerability is due to insufficient sanitization of user-supplied input in the 'showthread.php' script.
Gradman is vulnerable to a local file inclusion vulnerability. This vulnerability is caused due to the improper validation of user-supplied input in the 'tabla' parameter of the 'agregar_info.php' script. An attacker can exploit this vulnerability to include arbitrary local files from the web server and execute arbitrary code on the vulnerable system.
Services By CQR