Explore Vulnerabilities

Explore all Exploits:

File disclosure vulnerability in JSFTemplating, Mojarra Scales and GlassFish Application Server v3 Admin console

The JSFTemplating FileStreamer functionality (when using the PhaseListener), which is used for including static or dynamic content such as Yahoo UI API files without the need to deploy them, is vulnerable to directory traversal attacks. The Mojarra Scales project, which is used in the GlassFish Application Server v3 Admin console, is also vulnerable to directory traversal attacks. The following URL can be used to access arbitrary files on the server: http://[host]/[context]/faces/javax.faces.resource/[file]?ln=[path] where [file] is the file to be included and [path] is the directory traversal path.

AIMP2 Audio Converter <= 2.53 (build 330) (.pls/.m3u) Unicode local crash PoC

AIMP2 Audio Converter <= 2.53 (build 330) is affected by a local crash when processing Unicode .pls/.m3u files. The vulnerability allows an attacker to overwrite the SEH handler with a CALL EAX 0x00XX00XX instruction. The register state at the crash is: EAX 001B0020 UNICODE "AAAAAAAAAAAAAAAAAAAA~, ECX 00000273, EDX 00000C4C, EBX 00000000, ESP 0012DCA8, EBP 0012DD64, ESI 001B6610 UNICODE "AAAAAAAAAAAAAAAAAAAA~, EDI 00130000 ASCII "Actx ", EIP 004530C6 AIMP2.004530C6. When the exception is passed to the handler, EIP is overwritten: EIP 00410041.

Soritong MP3 Player 1.0 (.m3u/UI.txt) Universal Local BOF (SEH)

Soritong MP3 Player 1.0 contains a buffer overflow vulnerability that allows an attacker to execute arbitrary code by sending a specially crafted .m3u file. The vulnerability is caused by a lack of proper bounds checking when processing the .m3u file, which allows an attacker to overwrite the SEH handler and execute arbitrary code.

PHP File Manager 0.9.3 Remote File Upload Vulnerability

PHP File Manager 0.9.3 is prone to a remote file-upload vulnerability because the application fails to adequately sanitize user-supplied input. An attacker can exploit this issue to upload arbitrary PHP code and execute it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.

Mybuxscript PTC-BUX (spnews.php) SQL Injection Vulnerability

Mybuxscript PTC-BUX is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. This issue affects Mybuxscript PTC-BUX versions BASIC/ADVANCE/PRO.

Apple iPhone (MobileSafari) Crash & Reboot

The vulnerability exists in MobileSafari of Apple iPhone. When a maliciously crafted webpage is loaded in MobileSafari, it causes a buffer overflow which leads to a crash and reboot of the device. The exploit code contains a JavaScript loop which creates a large string of 500000 characters and then alerts it, causing the buffer overflow.

BandCMS v0.10 news.php Multi SQL Injection Vulnerabilities

BandCMS v0.10 has an SQL Injection vulnerability in news.php. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. The vulnerable code is present in news.php, where the variables 'year' and 'id' are not sanitized before being used in a SQL query.

Remote SQL Injection Vulnerability ( listings.php op )

A vulnerability in the REScript V.0.99 Beta web application allows an attacker to inject arbitrary SQL commands via the 'op' parameter in the 'listings.php' script. This can be exploited to gain access to the database and to disclose sensitive information such as user credentials.

Media Jukebox 8 (.pls) Universal Local Buffer Exploit (SEH)

Media Jukebox 8 (.pls) Universal Local Buffer Exploit (SEH) is a buffer overflow exploit that allows an attacker to execute arbitrary code on the vulnerable system. The exploit is triggered by sending a specially crafted .pls file to the vulnerable system. The exploit uses a reverse TCP shellcode to connect back to the attacker's machine and execute commands.

Hex Workshop v3/4/5/6 (.hex) Universal Local Buffer Exploits (SEH)

Hex Workshop is a hexadecimal editor that allows users to edit binary files. A buffer overflow vulnerability exists in Hex Workshop versions 3, 4, 5, and 6. An attacker can exploit this vulnerability by sending a specially crafted .hex file to the victim, which can lead to arbitrary code execution. The vulnerability is due to insufficient bounds checking when processing the .hex file.

Recent Exploits: