The FileServer script allows a user using Windows Live Messenger Plus! to share a defined folder and its subfolders and files with a contact. Authentication is done using a user-defined username and password. However, when using ../ with the !cd command, you can actually go beyond the root folder, allowing for downloading of EVERY file on the same disk as the defined folder, even outside the root folder.
Mlffat 2.2 is vulnerable to Blind SQL Injection. An attacker can exploit this vulnerability to gain access to the database and execute arbitrary SQL commands. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'Cookie' parameter. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious SQL commands.
A local heap overflow vulnerability exists in OtsAV DJ 1.85.064. By creating a specially crafted .ofl file, an attacker can cause a heap overflow, resulting in a denial of service or the execution of arbitrary code.
ClearContent is prone to local file inclusion and remote file inclusion vulnerabilities. An attacker can exploit this issue to include arbitrary files from local resources or remote resources in the context of the vulnerable application. This may aid in further attacks.
A vulnerability exists in Glossword Version 1.8.11 which allows an attacker to uninstall or install the script by accessing the URL http://www.Site.com/path/gw_install/index.php?arg[il]=english&arg[target]=uninstall or http://www.Path.com/path/gw_install/index.php?arg[il]=english&arg[target]=install respectively.
This exploit allows an attacker to bypass authentication and gain access to the admin panel of Nwahy Dir v2.1. The vulnerability exists in the admincp/admininfo.php file, where the username and password are not properly validated. An attacker can send a POST request to the admininfo.php file with the username and password set to 'admin' to gain access to the admin panel.
A vulnerability in MRCGIGUY Thumbnail Gallery Post 1b allows an attacker to upload a malicious file to the server. The attacker can then access the malicious file by visiting the URL of the uploaded file. This vulnerability is due to insufficient validation of user-supplied input in the 'submit.cgi' script. An attacker can exploit this vulnerability to upload arbitrary files to the server, which can lead to arbitrary code execution.
MySQL General Available (GA) Release is vulnerable. The latest MySQL version is not vulnerable since the bug is ifdef'ed off. At [1] and [2] there is a call to mysql_log.write() without a format string specifier.
The Soulseek client allows direct peer file search, allowing a user to find the files he wants directly on the peer computer. Unfortunately, this feature is vulnerable to a remote SEH overwrite. This proof of concept will target a user called 123yow123. After the query is sent, the SEH handler will get overwritten.
This exploit targets a vulnerability in the Linux Kernel <= 2.6.28.3, which allows an attacker to cause memory corruption by using a virtual console attached to the standard output (stdout) and the UTF-8 character U+253C. The exploit was coded by sgrakkyu and tested on Ubuntu 8.04 x86_64, Ubuntu 8.10 x86_64, and Fedora Core 10 x86_64.