HTC devices running Windows Mobile 6 and Windows Mobile 6.1 are prone to a directory traversal vulnerability in the Bluetooth OBEX FTP Service. Exploiting this issue allows a remote authenticated attacker to list arbitrary directories, and write or read arbitrary files, via a ../ in a pathname. This can be leveraged for code execution by writing to a Startup folder.
AwingSoft Web3D Player (WindsPly.ocx) is vulnerable to a remote buffer overflow vulnerability when the SceneURL() method is called with an overly long string. This can be exploited to execute arbitrary code by tricking a user into visiting a malicious web page. The vulnerability is caused due to a boundary error within the processing of the SceneURL() method. This can be exploited to cause a stack-based buffer overflow by passing an overly long string to the SceneURL() method.
Retina WiFi Scanner is a tool to be used to detect IEEE 802.11 (WiFi) based devices. A buffer overflow vulnerability exists in Retina WiFi Scanner 1.0.8.68 when parsing .rws files. An attacker can exploit this vulnerability by supplying a specially crafted .rws file, which can lead to arbitrary code execution.
OtsAv DJ & TV are vulnerable to a local heap overflow vulnerability. An attacker can exploit this vulnerability by creating a malicious .olf file containing a large number of 'A' or '45' characters and then importing it as a playlist. This will cause a heap overflow and can lead to arbitrary code execution.
An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable parameter 'auction_id' in the URL. This can allow the attacker to gain access to sensitive information such as usernames and passwords stored in the database.
Jobbr v2.2.7 is vulnerable to multiple remote SQL injection vulnerabilities. An attacker can exploit these vulnerabilities to gain access to the database and execute arbitrary SQL commands. The vulnerable parameters are 'emp_id' in 'co-profile.php' page. An attacker can exploit these vulnerabilities by sending a maliciously crafted HTTP request to the vulnerable page. An example of a maliciously crafted HTTP request is http://www.jobbr.us/co-profile.php?emp_id=null+union+select+version(),2,3,4,5,6,7,8--. Another example of a maliciously crafted HTTP request is http://www.jobbr.us/co-profile.php?EMP_id=1+AND%20SUBSTRING(@@version,1,1)=5.
A vulnerability was found in the way that WordPress handles some URL requests. This results in unprivileged users viewing the content of plugins configuration pages, and also in some plugins modifying plugin options and injecting JavaScript code. Arbitrary native code may be run by a malicious attacker if the blog administrator runs injected JavaScript code that edits blog PHP code. Many WordPress-powered blogs, hosted outside 'wordpress.com', allow any person to create unprivileged users called subscribers. Other sensitive username information disclosures were found in WordPress.
ToyLog 0.1 is vulnerable to SQL Injection and Remote Command Execution. An attacker can exploit this vulnerability to gain access to the database and execute arbitrary commands on the server.
A Blind SQL Injection vulnerability exists in Phenotype v2.8 which allows an attacker to gain access to the admin username and password. This is done by sending a specially crafted HTTP request to the login.php page with the user parameter set to a malicious SQL query. The malicious query is designed to extract the admin username and password from the user table in the database. The attacker can then use the obtained credentials to gain access to the admin panel.
A remote SQL injection vulnerability exists in MyMsg 1.0.3. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to sensitive information from the database.
Services By CQR