A buffer overflow vulnerability exists in JetAudio 7.5.3.15 due to improper bounds checking of user-supplied input. An attacker can exploit this vulnerability by creating a specially crafted M3U file containing an overly long string, which can cause a denial of service condition when the file is opened.
JetAudio 7.1.9.4030 is vulnerable to a stack overflow when a specially crafted M3U file is opened. This allows an attacker to execute arbitrary code on the vulnerable system. The vulnerability is due to a lack of bounds checking when parsing the M3U file. By supplying a large number of 'http://' strings, an attacker can overwrite the SEH chain and execute arbitrary code.
This exploit is based on an unfixed bug found in FreeBSD 7.2-RELEASE. It is a local kernel DoS (kernel panic) exploit that has only been tested on 7.2-RELEASE, but older and newer builds are probably vulnerable as well. The exploit uses a socket connection to send a malicious packet to the target system, which causes a kernel panic.
Portel is a content management system (CMS) developed by a Colombian company. It is vulnerable to blind SQL injection, which allows an attacker to execute arbitrary SQL commands on the underlying database by sending malicious SQL queries to the vulnerable application. The injection point is the patron parameter: http://localHost/path/libreria/php/decide.php?patron=n<Blind Sql Code>, where n is a valid patron. This can be demonstrated by sending the following requests to the vulnerable application: http://www.bogota.gov.co/portel/libreria/php/decide.php?patron=01.'+and+1=1/* (true) and http://www.bogota.gov.co/portel/libreria/php/decide.php?patron=01.'+and+1=2/* (false).
OpenNews 1.0 is vulnerable to SQL Injection (Auth Bypass) and Remote Command Execution. An attacker can bypass authentication by entering ' or ' 1=1 as the username and any value as the password. An attacker can also execute arbitrary commands by entering ';system(YOUR COMMAND);' in the Overall Width field and then accessing the config.php page.
AccessoriesMe PHP Affiliate Script v1.4 is prone to multiple remote vulnerabilities, including a cross-site scripting vulnerability and a blind SQL injection vulnerability. An attacker can exploit these issues to execute arbitrary HTML and script code in the browser of an unsuspecting user in the context of the affected site, to steal cookie-based authentication credentials, to control how the site is rendered to the user, to access sensitive information, and to exploit vulnerabilities in the underlying database.
The vulnerability is caused by insufficient processing in the select() function, which leads to SQL injection. Condition: magic_quotes_gpc = Off.
UltraPlayer Media Player 2.112 is vulnerable to a buffer overflow due to improper bounds checking when handling specially crafted .usk files. By creating a .usk file with an overly long string, an attacker can overwrite the EIP register and execute arbitrary code. This vulnerability is identified by CVE-2009-2745.
Tenrok 1.1.0 is vulnerable to user data disclosure and remote command execution. An attacker can access the userpwd.txt file to view user data, and can execute remote commands by writing malicious code in the Title field of post.php and then accessing the display.php page with the command as a parameter.
MyBackup 1.4.0 is vulnerable to Remote File Inclusion (RFI) and Arbitrary File Download (AFD) attacks. An attacker can exploit this vulnerability by sending a malicious URL to the application. The malicious URL can be used to download arbitrary files from the server or to execute malicious code on the server.