The Rat CMS Alpha 2 is vulnerable to Blind SQL Injection. This exploit is written in Perl and can be used to extract the admin password from the database. It uses the ASCII() function to extract the password character by character.
An SQL injection vulnerability in plx Autoreminder v3.7 allows an attacker to execute arbitrary SQL commands via the 'id' parameter in the 'members.php' script. An attacker can use the 'concat()' function to extract the username, version, and database of the application. The attacker can also use the 'union select' statement to extract data from the database.
Destiny Media Player version 1.61 is vulnerable to a local stack-based buffer overflow. The vulnerability is caused due to a boundary error within the processing of .lst files. This can be exploited to cause a stack-based buffer overflow by tricking a user into opening a specially crafted .lst file with an overly long string in the file name field.
A SQL injection vulnerability exists in PHPMesFilms. An attacker can send a specially crafted HTTP request to the vulnerable script and execute arbitrary SQL commands in the back-end database, allowing the attacker to access or modify sensitive data. The vulnerability is due to insufficient sanitization of user-supplied input to the 'id' parameter in the 'index.php' script.
A SQL injection vulnerability exists in WSN Guest 1.23. An attacker can send a specially crafted HTTP request to the search.php script with the filled, action, whichtype, and searchfields parameters to execute arbitrary SQL commands and gain access to sensitive information.
webSPELL is vulnerable to a Remote Edit Topics Vulnerability. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to edit topics in the forum.
Destiny Media Player 1.61 is vulnerable to a buffer overflow vulnerability when a specially crafted playlist.lst file is opened. This allows an attacker to execute arbitrary code on the vulnerable system.
Destiny Media Player 1.61 is vulnerable to a local buffer overflow vulnerability. By creating a specially crafted .lst file, an attacker can execute arbitrary code on the vulnerable system. This exploit was tested on Windows XP SP3.
Webspell is vulnerable to login bypass due to the lack of proper input validation. The vulnerability is present in the checklogin.php file, line 60, where the userID and the ws_pwd are set as a cookie without any validation. The vulnerability can be exploited by setting the $_COOKIE['ws_auth'] to something like 'or/**/1=1/**/limit/**/0,1#' and exploiting the $_SESSION['ws_auth'] = $_COOKIE['ws_auth']. The vulnerability is only exploitable when magic_quotes is set to off.
A proof-of-concept exploit for a buffer overflow vulnerability in Destiny Media Player was released by Encrypt3d.M!nd. The exploit creates a malicious .lst file containing a large number of 'A' characters followed by a 4-byte EIP value, followed by more 'A' characters. If the file is opened in Destiny Media Player, the EIP value will be overwritten, potentially allowing arbitrary code execution.
Services By CQR