This exploit triggers a Blue Screen of Death (BSOD) on Windows 2003 systems when a specially crafted EOT font file is opened. The vulnerability is caused due to a boundary error within the processing of EOT font files. This can be exploited to cause a stack-based buffer overflow via a specially crafted EOT font file.
The Open Computer and Software (OCS) Inventory Next Generation (NG) provides relevant inventory information about system configurations and software on the network. An authenticated user can exploit a SQL injection vulnerability in the machine.php script to gain access to the system. The vulnerable code is located at line 77-79 of the machine.php script.
com_idoblog is vulnerable to SQL injection. All versions of the component are affected. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to the application database and potentially execute arbitrary code.
The way Wordpress handle a password reset looks like this: You submit your email adress or username via this form /wp-login.php?action=lostpassword; Wordpress send you a reset confirmation like that via email. Someone has asked to reset the password for the following site and username. http://DOMAIN_NAME.TLD/wordpress Username: admin To reset your password visit the following address, otherwise just ignore this email and nothing will happen http://DOMAIN_NAME.TLD/wordpress/wp-login.php?action=rp&key=o7naCKN3OoeU2KJMMsag You click on the link, and then Wordpress reset your admin password, and sends you over another email with your new credentials.
This exploit is used to gain access to the Joomla Kunena Forums by exploiting a blind SQL injection vulnerability. It uses a combination of the 'and' operator and the 'ascii' function to extract the username and password from the jos_users table. The exploit is written in PHP and can be used with the command line.
A vulnerability exists in the GetURLContent() function of the Printing module in CMS Made Simple 1.6.2 and earlier. An attacker can exploit this vulnerability to read arbitrary files on the server by sending a specially crafted HTTP request containing an URL parameter set to a base64 encoded string of the file path.
The vulnerability occurs due to insufficient filtering transferred database parameters. Password is not in the database, and in the config.php file. The exploit code is http://localhost/page.php?id=-1+union+select+1,2,3,4,load_file('[FULL_PATCH_OF_FILE_CONFIG.PHP]'),6,7,8,9+into+outfile+'[FULL_PATCH]'--+
An attacker can bypass authentication by using the 'or' 1=1 parameter in the admin login page.
Spiceworks 3.6 is vulnerable to a remote buffer overflow attack. By sending a specially crafted HTTP request with an overly long Accept parameter, an attacker can cause a denial of service condition. This vulnerability was discovered by SecureState R&D and was fixed in version 4.0 of Spiceworks.
Logoshows BBS 2.0 is vulnerable to cookie injection. An attacker can inject malicious cookies into the application by using the javascript code provided in the exploit. This can be used to gain administrative access to the application.
Services By CQR