
Explore Vulnerabilities


Explore all Exploits:

SoftCab Sound Converter ActiveX (sndConverter.ocx) Insecure Method Exploit

A vulnerability in SoftCab Sound Converter ActiveX (sndConverter.ocx) allows an attacker to execute arbitrary code on the vulnerable system. The flaw is an insecure method in the sndConverter.ocx ActiveX control: calling the SaveFormat() method with a specially crafted argument results in arbitrary code execution. Exploitation relies on tricking a user into visiting a malicious web page.

Cross-Site Request Forgery, Cross-Site Scripting and Full Path Disclosure in CMS-DB v0.7.13

A Cross-Site Request Forgery (CSRF) vulnerability exists in CMS-DB v0.7.13 which allows an attacker to add a super-user, delete a user and set the FTP server login. A Cross-Site Scripting (XSS) vulnerability exists in CMS-DB v0.7.13 which allows an attacker to inject malicious JavaScript code into the application. A Full Path Disclosure vulnerability exists in CMS-DB v0.7.13 which allows an attacker to view the full path of the application.

VideoIsland Remote shell upload Vulnerability

VideoIsland has a remote shell upload vulnerability. An attacker can upload a malicious PHP shell to the server by exploiting the File Uploader feature in the VideoManager section of the application. The malicious file can be accessed at http://localhost/Path/Storage/reno.php

PenTest Information

Multiple persistent XSS vulnerabilities are detected on the client side. An attacker with low privileges is able to include their own bad script routines (for example, PHP or JS) on the client side of the phone application. Multiple persistent XSS vulnerabilities are also detected on the server side. An attacker with low privileges is able to include their own bad script routines (for example, PHP or JS) on the server side of the phone application. In both cases, attackers can get session data (cookies) of customers/admins through the multiple XSS vulnerabilities.

Web Wiz Forums v9.64 Remote Database Disclosure Vulnerability

Web Wiz Forums v9.64 has a remote database disclosure vulnerability. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This allows the attacker to access the database file, which contains sensitive information such as usernames, passwords, and other confidential data.

Recent Exploits: