Amaya Web Editor version 11.0 and prior is vulnerable to a remote buffer overflow attack. By sending a specially crafted HTML file, an attacker can cause a buffer overflow in the application, resulting in arbitrary code execution. The vulnerability is caused by a boundary error when handling the 'dir' attribute of the 'bdo' tag, which can be exploited to cause a stack-based buffer overflow.
This exploit allows an attacker to execute arbitrary commands on the vulnerable system. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'upload_file.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious PHP code in it. The malicious code will be uploaded to the vulnerable server and executed.
When a maliciously crafted M3U file is imported into the Thomson mp3PRO Player/Encoder, a buffer overflow occurs, resulting in a crash.
x0x has discovered a clickjacking vulnerability in the Google Chrome web browser. The vulnerability is caused by the application not properly sanitizing user-supplied input. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site, e.g. by tricking a user into clicking on a specially crafted link. This can be used, for example, to steal cookie-based authentication credentials.
Multiple stack buffer overflow vulnerabilities have been discovered in Amaya, which can be exploited by unauthorized people using crafted web pages to compromise a user's system. A boundary error when processing 'input' HTML tags can be exploited to cause a stack-based buffer overflow via an overly long 'type' parameter (Bugtraq ID 33046). A boundary error when processing 'object' HTML tags can be exploited to cause a stack-based buffer overflow via an overly long 'classid' parameter (Bugtraq ID 33047).
This exploit is based on a blind SQL injection vulnerability in smartSiteCMS 1.0 v1.0. It allows an attacker to extract the password of a given user from the database. The exploit uses a binary search algorithm to guess the characters of the password one by one. The exploit is written in Python and requires the host, path and username as parameters.
This bug allows a guest to bypass an offline authentication service using an SQL injection vulnerability.
This bug allows a registered user to view the username and password (MD5) of a registered user with the specified id (usually 1 for the admin) by sending a crafted request to submit_post.php with magic quotes set to off.
A vulnerability in phplist 2.10.x allows remote attackers to execute arbitrary code via a crafted request to admin/index.php. An attacker can use the LWP::UserAgent->agent() method to execute arbitrary commands on the vulnerable system.
Gazelle CMS is affected by a local file inclusion vulnerability. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with a maliciously crafted template parameter. This will allow the attacker to include arbitrary local files on the server.