A remote buffer overflow vulnerability affects Working Resources BadBlue. This issue is due to a failure of the application to securely copy GET request parameters into finite process buffers. An attacker may leverage this issue to execute arbitrary code with the privileges of the affected Web server, facilitating a SYSTEM level compromise.
Multiple vulnerabilities have been found in D-Link IP cameras that could allow an unauthenticated remote attacker to execute arbitrary commands, access the video stream via HTTP and RTSP, and bypass RTSP authentication using hard-coded credentials.
A vulnerability has been identified in the handling of certain types of requests by Xinkaa WEB Station. Because of this, it is possible for an attacker to gain access to potentially sensitive system files.
CitrusDB is prone to an authentication bypass vulnerability because a static value is used during the creation of user cookie information. An attacker can exploit this to log in as any existing user, including the 'admin' account.
APCUPSD has a world-writable PID file, which allows an attacker to kill another process and create a denial of service against any running daemon. This can be done by stopping apcupsd or killing it using its PID.
Comdev eCommerce is reported prone to multiple cross-site scripting vulnerabilities. These vulnerabilities can be exploited to steal cookie-based authentication credentials and carry out other attacks.
WPKontakt is prone to a potential script execution vulnerability. Remote attackers may execute arbitrary script code on a vulnerable computer by sending a specially crafted email address containing a JavaScript URI.
The vulnerability exists in the DecodeTCPOptions() function of 'decode.c' in Snort. It is caused by a failure to handle malicious TCP packets properly. A remote attacker can exploit this vulnerability to crash a remote Snort server, preventing subsequent malicious attacks from being detected.
A remote SQL injection vulnerability reportedly affects 2Bgal. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in an SQL query. An attacker may leverage this issue to manipulate SQL query strings and potentially carry out arbitrary database queries. This may facilitate the disclosure or corruption of sensitive database information.