This module exploits a stack buffer overflow in the db_netserver process which is spawned by the Lianja SQL server. The issue is fixed in Lianja SQL 1.0.0RC5.2.
The 'login.asp' script in StoreFront Shopping Cart is affected by an SQL injection vulnerability. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
The vulnerability exists in the third-party DLL "PDF In-The-Box" used by Logic Print 2013. The ROP (Return-Oriented Programming) is performed using the os DLL "msi.dll" version 3.1.4001.5512.
Multiple vulnerabilities have been found in MayGion IP cameras based on firmware v09.27 and below. These vulnerabilities could allow an unauthenticated remote attacker to dump the camera's memory and retrieve user credentials, as well as execute arbitrary code.
This exploit takes advantage of a glibc bug to escalate privileges and read the /etc/shadow file. It is specifically designed for glibc versions 2.1.9x and above.
FUSE is susceptible to a local information disclosure vulnerability. This issue is due to a failure of the kernel module to properly clear used memory prior to its reuse. This vulnerability allows malicious local users to gain access to potentially sensitive kernel memory, aiding them in further attacks.
Multiple vulnerabilities in NPDS allow remote attackers to carry out HTML injection, cross-site scripting, and SQL injection attacks. These vulnerabilities can result in the theft of authentication credentials, destruction or disclosure of sensitive data, and potentially other attacks.
This exploit allows an attacker to sign up with admin privileges by making the admin visit a CSRF script.
Variable $lib_dir not sanitized. When register_globals=on an attacker can exploit this vulnerability with a simple php injection script. The exploit URL is http://www.site.com/[path]/web/lib/xml/oai/GetRecord.php?lib_dir=[Evil_Script]
The 'header_get_field_name()' function in the 'mailbox/header.c' source file of GNU Mailutils mail is vulnerable to a buffer overflow. This vulnerability can be exploited by sending a specially crafted email to the affected software, allowing an attacker to execute arbitrary code on the affected computer with the privileges of the user who started the affected application.
Services By CQR