A context-dependent attacker can execute arbitrary code by exploiting a memory corruption vulnerability in the handling of xls files.
A context-dependent attacker can execute arbitrary code by exploiting a memory corruption vulnerability in the handling of pub files.
This module exploits a buffer overflow vulnerability in HP Operations Agent for Windows. The vulnerability exists in the HP Software Performance Core Program component (coda.exe) when parsing requests for the 0x34 opcode. This module has been tested successfully on HP Operations Agent 11.00 over Windows XP SP3 and Windows 2003 SP2 (DEP bypass). The coda.exe component runs only for localhost by default; network access must be granted through its configuration for it to be remotely exploitable. It also runs on a random TCP port, so a check function is provided to make reconnaissance easier.
This module exploits a buffer overflow vulnerability in HP Operations Agent for Windows. The vulnerability exists in the HP Software Performance Core Program component (coda.exe) when parsing requests for the 0x8c opcode. This module has been tested successfully on HP Operations Agent 11.00 over Windows XP SP3 and Windows 2003 SP2 (DEP bypass). The coda.exe component runs only for localhost by default; network access must be granted through its configuration for it to be remotely exploitable. It also runs on a random TCP port, so a check function is provided to make reconnaissance easier.
This module exploits a SQL injection found in the ManageEngine Security Manager Plus advanced search page, which results in remote code execution under the context of SYSTEM on Windows, or as the user on Linux. Authentication is not required in order to exploit this vulnerability.
The HLP file is a Microsoft Help documentation file for the Windows operating system or Windows programs. Memory corruption occurs during the handling of hlp files by the Microsoft Windows default help viewer (WinHlp32.exe). Successful exploits can allow attackers to execute arbitrary code.
The WordPress Easy Webinar Plugin is vulnerable to Blind SQL Injection. An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable parameter 'wid' in the 'get-widget.php' file. The HTTP response will read 404, but this is false. An example of a malicious SQL query is '3' or 'x'='x', which will result in the page loading correctly and show that the plugin is vulnerable to injection (string).
PrivAgent ActiveX Control 2.0 is vulnerable to a buffer overflow when handling a specially crafted argument passed to the "SetUserName" method. This can be exploited to execute arbitrary code by tricking a user into visiting a malicious web page.
Successful exploits can allow attackers to execute arbitrary code.
The 'overlay_type' parameter in the 'gmap/view_overlay.php' page in Bitweaver is vulnerable to local file inclusion. This vulnerability can be demonstrated by traversing to a known readable path on the web server file system. Multiple cross-site scripting (XSS) vulnerabilities have also been discovered that allow remote unauthenticated users to run arbitrary scripts on the system.