Explore Vulnerabilities

Explore all Exploits:

Memberkit 1.0 Remote File Upload

After registering and logging in, a user can upload any type of file in 'My Picture Album', where a picture would usually be uploaded. For example, if the file 'shell.php' was uploaded to somesite.com, its location would likely be http://somesite.com/uploads/pictures/pictures/[user]/[picture number]_shell.php. The location of the file can also easily be found by using the browser's 'view image' function at the spot where the image would normally appear.

Elecard MPEG Player Buffer Overflow POC

A buffer overflow vulnerability exists in Elecard MPEG Player 5.5 build 15884.081218. The vulnerability is caused by a boundary error when handling .M3U files. This can be exploited to cause a stack-based buffer overflow by tricking a user into opening a specially crafted .M3U file. Successful exploitation may allow execution of arbitrary code.

PHPFootball <= 1.6 (filter.php) Remote Hash Disclosure Exploit

This exploit allows a remote attacker to disclose the password hashes stored in the database of the vulnerable application. The vulnerability exists due to insufficient sanitization of user-supplied input passed to the 'dbfield' parameter of the 'filter.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable script and viewing the password hashes stored in the database.

Audacity 1.2.6 (.gro file) Local buffer overflow POC

When a .gro file containing a long string of characters is imported into Audacity 1.2.6, the program crashes and the EAX, ECX, EDX, EBX, ESP, EBP, ESI, EDI and EIP registers are overwritten. This can be exploited to execute arbitrary code by creating a malicious .gro file and importing it into Audacity.

Remote SMS/MMS Denial of Service – ‘Curse Of Silence’ for Nokia S60 phones

Emails can be sent via SMS by setting the message's Protocol Identifier to 'Internet Electronic Mail' and formatting the message like this: <email-address><space><message body>. If such messages contain an <email-address> with more than 32 characters, S60 2.6, 2.8, 3.0 and 3.1 devices are no longer able to receive other SMS or MMS messages. 2.6 and 3.0 devices lock up after only one message, 2.8 and 3.1 devices after 11 messages.

2Capsule Sticker Remote SQL Injection Vulnerability

A vulnerability exists in 2Capsule Sticker, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the 'id' parameter to 'sticker.php' isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation may allow execution of arbitrary SQL commands.

Megacubo 5.0.7 download & Execute

A vulnerability in Megacubo 5.0.7 allows remote attackers to execute arbitrary code by using a malicious URL. The vulnerability is due to the application's failure to properly validate user-supplied input. An attacker can exploit this vulnerability by enticing an unsuspecting user to click on a malicious URL. Successful exploitation could result in the execution of arbitrary code in the context of the application.

Recent Exploits: