FishCart is prone to multiple cross-site scripting and SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input. A successful exploit of the SQL-injection issues could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. An attacker may leverage the cross-site scripting issues to execute arbitrary script code in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
This is a proof of concept for a buffer overflow vulnerability in the /usr/bin/write binary on Solaris 7 x86. The vulnerability allows an attacker to execute arbitrary code by overwriting the return address on the stack. The exploit uses shellcode to spawn a shell with root privileges. It takes two optional command-line arguments for the shell offset and return address offset, but the default offsets should work.
Variable $path is not sanitized. When register_globals=on, an attacker can exploit this vulnerability with a simple PHP injection script.
Video Cam Server is prone to a directory traversal vulnerability that could allow attackers to read files outside the Web root. By sending a specially crafted request, an attacker can traverse directories and access sensitive files on the system. In this case, the attacker is attempting to read the 'system.ini' file located in the Windows directory.
The E-Uploader Pro 1.0 script is vulnerable to remote code execution. An attacker can exploit this vulnerability to execute arbitrary code on the target system.
Variable $absolute_path is not sanitized. When register_globals=on, an attacker can exploit this vulnerability with a simple PHP injection script. Exploit URL: http://www.site.com/[path]/centipaid_class.php?absolute_path=[Evil_Script]
A remote attacker may leverage this condition to overwrite sensitive program control variables and thus gain control of the process's execution flow.
The bBlog application is prone to an SQL injection vulnerability. This vulnerability occurs due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. An attacker can exploit this vulnerability by injecting malicious SQL statements into the 'postid' parameter of the application's URL. Successful exploitation of this vulnerability could lead to a compromise of the application, disclosure or modification of data, or allow the attacker to exploit vulnerabilities in the underlying database implementation.
This module exploits a buffer overflow vulnerability found in ERS Viewer 2011 (version 11.04). The vulnerability exists in the module ermapper_u.dll, where the function ERM_convert_to_correct_webpath handles user-provided data in an insecure way. It results in arbitrary code execution under the context of the user viewing a specially crafted .ers file. This module has been tested successfully with ERS Viewer 2011 (version 11.04) on Windows XP SP3 and Windows 7 SP1.
The vulnerability occurs when an erroneous TCP acknowledgement number is encountered in an active TCP session stream. This can result in a degradation of the target connection, effectively denying service for legitimate users. It may also cause CPU performance degradation on the attacked computer, potentially denying service for local users as well.