vCAP Calendar Server is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid in further attacks.
This module exploits an arbitrary command execution vulnerability in the AWStats CGI script. iDEFENSE has confirmed that AWStats versions 6.1 and 6.2 are vulnerable.
This module exploits a buffer overflow in the AT&T WinVNC version <= v3.3.3r7 web server. When debugging mode with logging is enabled (non-default), an overly long GET request can overwrite the stack. This exploit does not work well with VNC payloads!
This exploit allows an attacker to bypass authentication by exploiting a SQL injection vulnerability in Kalimat v 1.0. The attacker can use a Google dork to find vulnerable websites and then use a UNION SELECT statement to retrieve the username and password from the user table. The attacker can then use the retrieved credentials to log in as an administrator.
This exploit injects malicious SQL code into the Woltlab Burningboard Addon Kleinanzeigenmarkt by exploiting a vulnerability in the page parameter of the index.php file. The exploit is written in Perl and can be used to extract user information such as userID, username, email, password, and salt.
Kayako eSupport v3.04.10 is vulnerable to Cross-Site Scripting (XSS) and Cross-Site Request Forgery (XSRF). An attacker can exploit this vulnerability by registering on the site, opening a new ticket, and sending a malicious link in the message. The XSRF vulnerability can be exploited by creating a malicious form and submitting it when the admin reads the message.
When a user plays normal songs and saves the playlist as .aap, and then opens it up with Notepad, a header is written at the beginning of the malicious file. If anyone can overwrite the SEH chain or EIP by some method, the exploit code can be sent to Jacky_thekiller@hotmail.com.
bbScript <= 1.1.2.1 is vulnerable to Blind SQL Injection. This exploit is used to extract the password hash of a user from the database. The exploit uses a loop to iterate through the characters of the password hash and uses a substring function to extract the characters one by one. The exploit is written in PHP and can be used to target any vulnerable version of bbScript.
This exploit targets Google Chrome 3.0195.38. The vulnerability allows attackers to redirect users to malicious websites by obfuscating the status bar. The exploit involves two steps: first, the attacker opens a new window; then the user is asked to click on a link that redirects them to a malicious website. The malicious website is hidden in the status bar and the user is unaware of the redirection.
A vulnerability exists in Invision Power Board (Trial) v2.0.4 which allows an attacker to create a backup of the database. This can be done by sending a specially crafted HTTP request to the vulnerable server. The request sets the 'act' parameter to 'mysql' and the 'code' parameter to 'dosafebackup', and sets the 'create_tbl', 'addticks', 'skip', and 'enable_gzip' parameters each to '1'.