Explore Vulnerabilities

Explore all Exploits:

GOM Player 2.0.12 (.PLS) Universal Buffer Overflow Exploit

GOM Player 2.0.12 is vulnerable to a buffer overflow when processing specially crafted .PLS files. An attacker can exploit this vulnerability to execute arbitrary code in the context of the application. This exploit was discovered and exploited by Mountassif Moad and was reported by Parvez Anwar in Secunia. The vulnerability PoC was reported by Parvez Anwar in Secunia and was exploited by DATA_SNIPER in milw0rm. This exploit is a new exploit for .PLS files and was inspired by DATA_SNIPER.

Digital Security Research Group [DSecRG] Advisory #DSECRG-09-006

Synactis All_IN_THE_BOX ActiveX Control (ALL_IN_THE_BOX.OCX) can be used to overwrite any file on the target system. The vulnerable method is "SaveDoc()". By default, when saving a file, the All_IN_THE_BOX ActiveX control appends an extension to the filename variable in the "SaveDoc()" method. For example, if you enter the filename "boot.ini" in the "SaveDoc()" method, the control will create the file boot.ini.box. But by appending a null byte to the filename, an attacker can overwrite any file in the OS (see example for overwriting boot.ini).

GNUBoard V4.31.04 (09.01.30) Multiple Local/Remote Vulnerability

GNUBoard (version 4.31.04 (09.01.30)) is a widely used bulletin board system in Korea. It is freely available for all platforms that support PHP and MySQL. A file inclusion vulnerability affects SIR GNUBoard. Under special conditions, it may be used as a remote file inclusion vulnerability. This issue can be used to execute arbitrary PHP code on an affected computer with the privileges of the affected web server. The Local File Inclusion vulnerability is present in the poll_result.php file, where the skin_dir parameter is not properly sanitized. This can be exploited to include arbitrary local files. The SQL Injection vulnerability is present in the register_form.skin.php and point.php files, where the mb_id parameter is not properly sanitized. This can be exploited to inject arbitrary SQL queries.

ReVou Micro Blogging SQL/XSS Injection Vulnerability

ReVou Micro Blogging is prone to an SQL injection vulnerability and a cross-site scripting vulnerability. An attacker can exploit these issues to manipulate SQL queries, steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. The SQL injection issue is due to a failure of the application to properly sanitize user-supplied input before using it in an SQL query. The cross-site scripting issue is due to a failure of the application to properly sanitize user-supplied input before using it in dynamically generated web content.

SalesCart Product Management Plugin

SalesCart Product Management Plugin is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to manipulate SQL queries by injecting arbitrary SQL code. This may allow the attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

Pligg – XSRF Protection Bypass and Captcha Bypass

This exploit allows an attacker to bypass the XSRF protection and captcha of Pligg 9.9.5. The attacker can use an iframe to force people to vote for a story. The attacker can also bypass the captcha by sending the ts_random value to the captcha_bypass.php with the same web browser.

Zoom VoIP Phone Adapter ATA1+1 XSRF

This exploit allows an attacker to change the VoIP provider settings of the Zoom VoIP Phone Adapter ATA1+1. The attacker can change the VoIP provider settings by sending a malicious POST request to the vulnerable device. This exploit was tested on version 1.2.5 of the Zoom VoIP Phone Adapter ATA1+1.

D-link VoIP Phone Adapter XSS and XSRF (remote firmware overwrite)

This exploit allows an attacker to remotely overwrite the firmware of a D-link VoIP Phone Adapter model number DVG-2001s with f/w version 1.00.007. The attacker can use a POST request to the URL http://10.1.1.166/Forms/cbi_Set_SW_Update?16640,0,0,0,0,0,0,0,0 with the parameters page_HiddenVar, TFTPServerAddress1, TFTPServerAddress2, TFTPServerAddress3, TFTPServerAddress4, FirmwareUpdate, and FileName. The attacker can also use a Cross-site Scripting (XSS) attack to bypass Cross-site Request Forgery (XSRF) protection by sending a GET request to the URL http://10.1.1.166/Forms/page_CfgDevInfo_Set?%3Cscript%3Ealert(%22hacked%22)%3C/script%3E.

Profense Web Application Firewall XSRF and XSS

A vulnerability in Profense Web Application Firewall allows an attacker to change the configuration of the firewall, add a proxy, turn off the Profense machine, force the Profense server to ping, and perform a reflective XSS attack.

Recent Exploits: