Explore Vulnerabilities

Explore all Exploits:

Microsoft Office OneNote 2010 WriteAV Vulnerability

A memory corruption vulnerability exists in Microsoft Office OneNote 2010 when handling .one files. An attacker can exploit this vulnerability to execute arbitrary code in the context of the current user.

WeBid Directory Traversal Vulnerability

WeBid is an open-source auction script package. A directory traversal vulnerability exists in WeBid versions 1.0.4 and 1.0.5 (and possibly older versions) due to insufficient sanitization of user-supplied input. An attacker can exploit this vulnerability to read arbitrary files from the server by sending a specially crafted HTTP request containing directory traversal sequences (e.g. '../') in the 'js' parameter of the 'loader.php' script.

WeBid <=1.0.5 Cross Site Scripting Vulnerabilities

WeBid does not properly check user input, which allows an injected <iframe> to execute and lets an attacker send malicious code to a user who views the auction. Malicious attackers may access cookies, session tokens, or other sensitive information retained by a browser and used with the website.

NFR Agent FSFUI Record File Upload RCE

NFRAgent.exe, a component of Novell File Reporter (NFR), allows remote attackers to upload arbitrary files via a directory traversal while handling requests to /FSF/CMD with FSFUI records with UICMD 130. This module has been tested successfully against NFR Agent 1.0.4.3 (File Reporter 1.0.2) and NFR Agent 1.0.3.22 (File Reporter 1.0.1).

friendsinwar FAQ Manager SQL Injection (URL) Vulnerability

The vulnerability exists due to insufficient validation of user-supplied input in the 'view_faq.php' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in the application's database. Successful exploitation of this vulnerability may allow an attacker to gain access to sensitive information stored in the database.

ReciPHP 1.1 SQL Injection Vulnerability

ReciPHP is vulnerable to SQL injection. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'id' parameter of the 'showrecipe.inc.php' script. A remote attacker can execute arbitrary SQL commands in the application's database, compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, etc.

Multiple SQL Injections in BabyGekko

Two SQL injections exist in the BabyGekko administrator's panel, but exploiting them requires administrator privileges. However, they can also be exploited by a non-authenticated malicious user via a CSRF vector, because the "/admin/index.php" script is also vulnerable to CSRF attack. To do so, the attacker has to make a logged-in administrator visit a malicious page.

Novell NetIQ Privileged User Manager 2.3.1 ldapagnt.dll ldapagnt_eval() Perl Code Evaluation RCE (pre auth/SYSTEM)

The secure web interface of Novell NetIQ Privileged User Manager 2.3.1 contains a flaw that allows a Perl script to be executed with SYSTEM privileges without prior authentication. This can be done by sending a POST request with well-formed data.

Novell NetIQ Privileged User Manager 2.3.1 auth.dll pa_modify_accounts() Remote Code Execution (pre auth / SYSTEM privileges)

The secure web interface contains a flaw that allows the password of the user 'admin' to be changed without prior authentication. A remote attacker could then log in to the web interface with full privileges and trigger underlying vulnerabilities to write arbitrary files to the target system with SYSTEM privileges.

Recent Exploits: