Explore Vulnerabilities

Explore all Exploits:

SolidWorks Workgroup PDM 2014 SP2 Opcode 2001 Remote Code Execution Vulnerability

SolidWorks Workgroup PDM 2014 SP2 is vulnerable to a remote code execution vulnerability due to a stack buffer overflow. The vulnerability exists in the pdmwService.exe process, which listens on port 30000. An attacker can exploit this vulnerability by sending a specially crafted packet containing an overly long string to the vulnerable service. This will cause a stack buffer overflow, overwriting the SEH and return address, allowing the attacker to execute arbitrary code on the vulnerable system.

Post Exploitation – Getting username and password in the Lotus Sametime 8.5.1

Lotus Sametime is an instant messaging application that includes several features such as video conferencing, phone calls, etc. In case of problems, Lotus Sametime provides functionality to record a trace log (Menu: Help / Support / Show Tracker). When verbose logging is enabled, it is possible to obtain the user name and the user's password (the password is in Base64), according to the procedure below. The vulnerability is in telephony.softphone.service, more specifically in Source Class.Method: com.ibm.ws.sip.stack.transport.TransportLayer sendMessage. Communication with the server is done via TLS, but the local communication log is saved in clear text and the password is in Base64.

Open Web Analytics Pre-Auth SQL Injection

Open Web Analytics (OWA) is open source web analytics software that can track and analyze how visitors use websites and applications. OWA is vulnerable to SQL injection that allows an attacker to execute arbitrary SQL statements in the context of the configured OWA database user without authenticating to the web application.

Concrete5 SQL Injection

Concrete5 is vulnerable to SQL injection. An attacker can exploit the Pages.cID parameter in order to execute arbitrary SQL commands. An example of a proof-of-concept URL is http://localhost/concrete5.6.2.1/index.php/?arHandle=Main&bID=34&btask=passthru&ccm_token=1392630914:be0d09755f653afb162d041a33f5feae&cID=1 union select uName,uPassword,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23 from Users into outfile '/var/www/concrete5.6.2.1/ownz.txt'&method=submit_form

Pina CMS SQL Injection and XSS Vulnerabilities

The vulnerability exists due to insufficient filtering of user-supplied input in the 'blog_id' and 'search' parameters of the 'page.php' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in the application's database. An attacker can also inject arbitrary web script or HTML through the application's 'search' parameter. Successful exploitation of this vulnerability may allow an attacker to steal cookie-based authentication credentials, modify data, deface the web site, perform phishing attacks and launch other attacks.

My PDF Creator & DE DM v1.4 iOS – Multiple Vulnerabilities

The local file include web vulnerability allows remote attackers to include local file/path requests or system-specific path commands without authorization to compromise the mobile web-application. The vulnerability is located in the `file` value of the `upload` module. Remote attackers are able to inject their own malicious file requests to compromise the mobile web-application. The persistent input validation web vulnerability allows remote attackers to inject their own malicious script code into the application-side of the vulnerable module. The vulnerability is located in the `name` value of the `upload` module. Remote attackers are able to inject their own malicious script code to compromise the mobile web-application.

File Hub v1.9.1 iOS – Multiple Web Vulnerabilities

The web vulnerability allows remote attackers to execute unauthorized system-specific code or commands to compromise the affected system/service. The vulnerability is located in the `folder rename via edit` and `new folder` functions of the File Hub Wi-Fi application interface. Remote attackers are able to inject their own system-specific code as a folder/path name to compromise the application. The code execution occurs in the application and the request method to inject is POST. The vulnerability is also located in the `file rename via edit` and `new file` functions of the File Hub Wi-Fi application interface. Remote attackers are able to inject their own system-specific code as a file/path name to compromise the application. The code execution occurs in the application and the request method to inject is POST.

mbDriveHD v1.0.7 iOS – Multiple Web Vulnerabilities

A local file include and path traversal web vulnerability has been discovered in the official mbDriveHD v1.0.7 iOS mobile web-application. The local file include and path traversal web vulnerability allows a local attacker to inject their own malicious script code into the vulnerable application. The vulnerability is located in the `file` value of the `index.html` file. Local attackers are able to inject their own malicious script code into the vulnerable application. The request method to inject is POST and the attack vector is located on the application-side of the service.

Office Assistant Pro v2.2.2 iOS – File Include Vulnerability

A local file include web vulnerability has been discovered in the official Beijing Elinasoft Office Assistant Pro v2.2.2 iOS mobile web-application. The local file include web vulnerability allows remote attackers to include local files to compromise the web-application or connected system. The vulnerability is located in the `file` value of the `/index.php` file. Remote attackers are able to inject their own malicious files to compromise the web-application or connected system.
