There is an insecure method in the (Save) function of Morovia Barcode ActiveX Control 3.6.2 (MrvBarCd.dll). The exploit can be triggered by clicking a button which calls the Save function and saves a malicious file to the system.
YAP v1.1.1 is vulnerable to a Local File Inclusion vulnerability. An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable server, containing a maliciously crafted URL parameter. This can allow an attacker to read arbitrary files from the server, such as configuration files, source code, etc. The vulnerable URL parameter is 'page', and the malicious URL would look like http://www.site.com/index.php?page=[LFI]%00
Passing certain objects as parameter of GetAudioPlayingTime() method can lead to remote memory access and execution of arbitrary code.
KL0309EXP-poppeeper_date-bof.pl is a remote buffer overflow exploit for POP Peeper 3.4.0.0. It uses Imap.dll (included with POP Peeper) for universal exploitation (more love for no /SafeSEH). Tested on Windows XP SP3.
A vulnerability in Traidnt Up version 2.0 allows an attacker to bypass the file upload restriction and upload arbitrary files. This is done by entering the uploadcp url, setting the documentcookie to 'trupuser=SP4rT;' and entering the page after editing the script_path and posting the extension.
A vulnerability in RoomPHPlanning v1.x allows an attacker to remotely create a user with all permissions (admin). This is done by sending a crafted HTTP request to the vulnerable server.
The script is affected by Permanent XSS vulnerability, so yuo can put in bad java script code like: '><script>alert('XaDoS')</script> or '">><script>alert('XSS By XaDoS')</script> the XSS become permanent in every page of site! not critical damage but it's not funny..
WordPress MU prior to version 2.7 fails to sanitize the Host header correctly in choose_primary_blog function and is therefore prune to XSS attacks. Web Sites running in a name based virtual hosting setup are not affected while they are not the default virtual host.
Input passed to the "$include_path" parameter in cron.php page is not properly verified before being used to include files.This can be exploited to include arbitrary files from local or external resources.This vulnerability also happen to files ST_browsers.php, ST_countries.php, ST_platforms.php in admin's folder Successful exploitation requires that "register_globals" is enabled.
A vulnerability exists in the PHP-Fusion Mod - Book Panel, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the 'course_id' parameter in 'index.php' is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation may allow execution of arbitrary SQL commands.
Services By CQR