This exploit demonstrates how to make Konqueror 3.5.5 crash instantly with a null pointer dereference. When a specific file is loaded in Konqueror, vulnerable versions segfault. The exploit uses an iframe element with a source attribute pointing to 'ftp://localhost/anything', triggering the crash.
This vulnerability allows an attacker to execute arbitrary code, access sensitive information, or crash the affected application, denying service to legitimate users. Successful attacks may result in the complete compromise of an affected computer.
The Cacti Superlinks plugin is vulnerable to SQL Injection.
The vulnerability exists when handling specially crafted AVI files. An attacker can exploit this issue by enticing a user to open a malicious file with the vulnerable application. Successful exploitation may allow arbitrary code execution in the context of the logged-in user.
This exploit allows an attacker to grant or revoke dba permission to an unprivileged user by injecting a malicious cursor.
This is a file inclusion exploit for CS_Gallery version 2.0 and below. The vulnerability allows an attacker to include arbitrary files on the target server. The exploit works by manipulating the 'index.php' file of the CS_Gallery script. The vulnerable code snippet is shown in the comments of the exploit. This exploit requires the target server to have the cURL extension of PHP installed and the PHP settings 'allow_url_fopen' and 'allow_url_include' to be set to 'On'. The exploit script takes two arguments - the path to the CS_Gallery script and the path to the shell file to be included. It also supports an optional proxy.
This exploit takes advantage of a SQL injection vulnerability in webSPELL <= v4.01.02 (topic). By injecting SQL code into the 'topic' parameter of the printview.php file, an attacker can execute arbitrary SQL queries on the database. The vulnerability can be exploited by an authenticated or unauthenticated user.
This program is vulnerable to a buffer overflow attack. An attacker can exploit this vulnerability to execute arbitrary code or crash the program.
There are 2 buffer overflow vulnerabilities in News Bin Pro 5.33 that can be triggered by a crafted .nbi config file. The DataPath and DownloadPath sizes are not checked, allowing for code execution. This vulnerability also exists in News Bin 4.x, but can only be triggered by manually loading the file. Additionally, News Bin 4.x is vulnerable to a heap overflow with a .NZB file that contains a long group field, leading to a Denial of Service (DoS) for XP SP2 and code execution for XP SP1 and XP. News Bin 5.33 is also vulnerable to a heap overflow with a .NZB file that contains a long group field, triggered after downloading a malformed post and clicking on 'Delete All Posts'. This leads to code execution on XP and XP SP1, and DoS on XP SP2, with the possibility of code execution (not confirmed).
An attacker can exploit this issue to crash the affected application, denying service to legitimate users.