The HostBill script is suffering from a remote injection vulnerability in the PHP code. An attacker can exploit this vulnerability by injecting malicious PHP code into the subject field of the new ticket form.
This exploit allows an attacker to create a folder with a specially crafted SID parameter in the Sysax Multi Server version 5.50. The vulnerability was discovered on January 13, 2012 and a fix was released on January 17, 2012 in version 5.52. The exploit has been tested on XP SP3 32bit and Server 2003 SP2 32bit without DEP.
User could call a remote script to download arbitrary file from the target system. Another script was vulnerable to non-persistent XSS
WorldMail IMAPD - SEH overflow - remote exploit
This exploit takes advantage of a stack buffer overflow vulnerability in Blade API Monitor. By sending a specially crafted request, an attacker can execute arbitrary code on the target system.
W-CMS is vulnerable to cross-site scripting (XSS) attacks and directory traversal attacks. The XSS vulnerability can be exploited through the 'index.php' and '?p=' parameters, allowing an attacker to inject malicious scripts. The directory traversal vulnerability allows an attacker to access sensitive files on the server by manipulating the 'p' parameter.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netware.
This script generates payloads to exploit hash collision vulnerabilities in various servers including Apache Geronimo, Oracle Glassfish, PHP, and Apache Tomcat. It can be used to make multiple requests to a server without waiting for a response, potentially causing a denial of service. The payload length, collision character length, and number of collision characters can be customized.
The vulnerability exists in the 'page.php' file of MyPHPDating version 1.0. An attacker can exploit this vulnerability by injecting SQL code through the 'page_id' parameter. This can lead to unauthorized access, data leakage, and potential remote code execution.
This exploit targets a vulnerability in PHP version 5.3.* which allows an attacker to perform a denial of service attack. The exploit utilizes hash collisions to overload the system and cause it to crash.
Services By CQR