A heap overflow vulnerability exists in NUVICO DVR NVDV4 / PdvrAtl Module (PdvrAtl.DLL 1.0.1.25) when processing a specially crafted web page. An attacker can exploit this vulnerability to execute arbitrary code in the context of the user running the affected application. A demonstration of the vulnerability can be found at http://www.2mcctv.com/2mdemo.php and the codebase can be found at http://www.dvrstation.com/pdvratl.php?vendor=0.
A vulnerability exists in TutorialCMS 1.02 in the activate.php file, which allows an attacker to inject malicious SQL queries. An attacker can use the vulnerability to gain access to the admin panel by exploiting the magic_quotes_gpc = off setting. The encription of the password is MD5.
Input passed to the 'Id' and 'id' parameters is not santised. This can be exploited in the following manner to obtain the admin's password: http://[site]/Imgbig.asp?Id='union select user as name,1,pass as descrizione from stuff where '1'='1 and /thumbricerca.asp?id=-1'union select user aS name,1,pass as descrizione from stuff where '1'='1
The request is not sanitized before it is concatenated to the query.
Agares PhpAutoVideo v2.21 is vulnerable to a remote SQL injection vulnerability. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow an attacker to gain access to the user and password from the mysql.user table.
This exploit allows an attacker to gain access to the remote database of a vulnerable PhotoKron installation. The attacker can gain access to the database name, host, username and password.
This exploit allows an attacker to bypass the authentication of the 0DayDB v2.3 web application and gain access to the administrative panel. The attacker can send a POST request to the delete.php page with the ID of the file they want to delete. This will allow them to delete any file without authentication.
Multiple SQL injection vulnerabilities exist, that can result in user credentials being compromised or the modification of the database. The following example exploits the image viewer page by placing the password of a user into the src attribute of the img tag instead of the correct path to the image. User passwords are stored in plain-text.
This exploit is a proof-of-concept code for exploiting the jumbo bug found in linux kernels >=2.6.20 and <=2.6.21.1. It is written in C and uses the getaddrinfo(), getnameinfo(), inet_pton() and malloc() functions to resolve the IPv6 destination, handle the MAC address, interface and buffer for the ethernet frame respectively. It then creates an ethernet header and sets the source and destination MAC addresses.
Docebo Suite is vulnerable to a SQL injection vulnerability in the lib.regset.php/non-blind script. This vulnerability allows an attacker to inject arbitrary SQL commands and gain access to the database. The bug was found by EgiX and works with Mysql >= 4.1 and PHP 5.X. It can be exploited to perform credentials disclosure.
Services By CQR