
Explore Vulnerabilities

Explore all Exploits:

WİYS Cross-Site Scripting Vulnerability

WİYS is prone to a cross-site scripting vulnerability. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.

Web Crossing 4.x/5.x Denial of Service Exploit

The Web Crossing Web Server component has been reported prone to a remote denial of service vulnerability. It has been reported that the issue will present itself when the affected web server receives a malicious HTTP request that contains negative values for certain fields in the HTTP header.

‘okul siteleri’ SQL Injection Vulnerability

'okul siteleri' is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. An attacker can exploit this issue by sending a specially crafted HTTP request to the vulnerable application.

Ticket Support System Exploit

A vulnerability exists in Ticket Support System, which allows an attacker to upload a malicious file to the server. The attacker can send a ticket with the malicious file attached, and the file will be uploaded to the server in the 'uploads' directory. The attacker can then access the malicious file from the 'uploads' directory.

Zeroboard 4.1 pl7 Remote Nobody Exploit

This exploit is for Zeroboard 4.1 pl7 which is vulnerable to a Remote Code Execution vulnerability. The exploit is triggered by sending a specially crafted HTTP request to the vulnerable server. This request contains malicious code which is then executed on the server, allowing the attacker to gain access to the server.

OtsTurntables Free 1.00.027 (.m3u/ ofl File) Local Universal BOF Exploit (SEH)

OtsTurntables Free 1.00.027 is vulnerable to a buffer overflow when a specially crafted .m3u/ ofl file is opened. This can be exploited to execute arbitrary code by corrupting the stack and overwriting the SEH handler.

Mambo component com_zoom (catid) Blind SQL injection

Mambo component com_zoom is vulnerable to Blind SQL injection. An attacker can exploit this vulnerability to gain access to sensitive information such as usernames and passwords stored in the database. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'catid' parameter of the 'index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable script. A successful exploitation of this vulnerability can result in unauthorized access to sensitive information stored in the database.

MS IIS FTPD DoS ZER0DAY

Anonymous users can exploit this if they have read access to a directory. Normal users can exploit this too if they can read a directory. By looking into my debugging session with OllyDbg I see that an exception is raised and the FTP service crashes due to a 'stack overflow', which is a stack exhaustion. If the FTP service is set to 'manual' startup in the services control manager, the service needs to be restarted manually. IIS 5.0 and 6.0 were tested and are affected.

SIDVault 2.0e Windows Remote Buffer Overflow

SidVault 2.0e Windows Remote Buffer Overflow is a vulnerability in the Windows operating system that allows an attacker to execute arbitrary code on the target system. The vulnerability is caused by a buffer overflow in the LDAP service of the Windows operating system. The attacker can exploit this vulnerability by sending a specially crafted packet to the target system. The packet contains a malicious payload that will be executed on the target system when the packet is received.

Recent Exploits: