HT-MP3Player 1.0 is vulnerable to a local buffer overflow vulnerability when a maliciously crafted .ht3 file is opened. This can be exploited to execute arbitrary code by overwriting the SEH handler with a pointer to malicious code and then a NOP sled followed by shellcode.
SCMPX 1.5.1 is vulnerable to a local heap overflow vulnerability. By creating a specially crafted .m3u file with 5000 'A' characters, an attacker can overwrite the EIP register and control the execution flow of the application.
osTicket prior to v1.6 RC5 fails to validate / escape staff usernames which can be abused to execute a blind sql injection attack by an unauthenticated attacker.
A vulnerability exists in the Joomla Component com_k2 (sectionid) which allows an attacker to inject arbitrary SQL commands. An attacker can exploit this vulnerability by sending a specially crafted SQL query to the vulnerable parameter. This can allow the attacker to view, add, modify or delete records in the back-end database.
VideoLAN VLC Media Player 0.9.9 is vulnerable to a stack-based buffer overflow when handling a specially crafted smb:// URI. The vulnerability can also be triggered via the VLC web interface (disabled by default). The vulnerability can be exploited by sending a specially crafted XSPF playlist file to the vulnerable system. This will cause a stack-based buffer overflow and allow arbitrary code execution.
A Blind SQL injection vulnerability exists in Joomla Component com_php (id) which allows an attacker to execute arbitrary SQL commands on the vulnerable system. The vulnerability is due to improper input validation of the 'id' parameter in the 'index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL commands to the vulnerable system. This can result in unauthorized access to sensitive information stored in the database.
Whoiscart is a web-based application that allows users to manage their domain names. It is vulnerable to an authentication bypass vulnerability. This allows an attacker to gain access to the administrative panel without authentication.
The vulnerability exists due to insufficient sanitization of user-supplied input to the 'page' parameter in 'index.php' script. A remote attacker can include a local file from the web server and execute arbitrary code.
A vulnerability in ForumPal v1.5 allows an attacker to bypass authentication by using the username 'Real_name_admin' and the password 'or '1=1' in the login form. This allows the attacker to gain access to the application.
Virtue Online Test Generator is vulnerable to authentication bypass, SQL injection and Cross-Site Scripting. After user login, an attacker can bypass authentication by accessing the admin/index.php page. An attacker can also inject SQL queries by accessing the admin/test_generator.php page with a malicious SQL query. Additionally, an attacker can inject XSS payloads by accessing the admin/test_generator.php page with a malicious XSS payload.
Services By CQR