A stack overflow vulnerability exists in Microsoft Office Word 2010, which allows a context-dependent attacker to execute arbitrary code. During the handling of doc files, a stack overflow occurs when a dword pointer is tested against eax. This can be exploited to execute arbitrary code.
ClanSphere 2011.3 is vulnerable to a Local File Include vulnerability due to improper validation of the cs_lang cookie parameter. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with a malicious cs_lang cookie parameter. This can allow an attacker to read arbitrary files on the server, such as the /etc/passwd file.
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in AContent, which can be exploited to bypass authentication and to perform Cross-Site Scripting (XSS) and SQL Injection attacks. The vulnerability exists due to insufficient sanitization of input data in the 'field' HTTP POST parameter in /course_category/index_inline_editor_submit.php and /user/index_inline_editor_submit.php. A remote unauthenticated user can execute arbitrary SQL commands in the application's database.
Input passed via the 'plan_id' POST parameter to the /register/ URL (modified by mod_rewrite to the /system.php script) is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
The script 'social-discussions-networkpub_ajax.php', at line 2, expects the old-style array 'HTTP_ENV_VARS' to be initialized and to contain a 'DOCUMENT_ROOT' entry. However, it appears that if the PHP directive 'register_long_arrays=off' is set, 'HTTP_ENV_VARS' is uninitialized, and if 'register_globals=on' is set at the same time, it is possible to fill that array with any value, leading to an RFI (Remote File Inclusion) vulnerability.
Schoolhos is an education and e-learning CMS used by many schools. An attacker can exploit a SQL injection vulnerability in Schoolhos CMS Beta 2.29 to execute arbitrary SQL commands by sending a specially crafted HTTP request containing malicious SQL statements.
This exploit uses a CSRF vulnerability to inject a persistent XSS payload into the White Label CMS v 1.5 plugin. The exploit code creates an HTML page with an image tag that contains a malicious script. When the page is loaded, the script is executed and the XSS payload is injected into the plugin.
A context-dependent attacker can execute arbitrary code during the handling of the pdf files.
Memory corruption occurs during the handling of 3GP files, allowing a context-dependent attacker to execute arbitrary code.
This exploit is used to gain access to the Joomla Component com_kunena. It uses a SQL injection vulnerability to gain access to the user's username, email, password, and activation code. The exploit is coded in Perl and uses an LWP::UserAgent to send a GET request to the target with the malicious code.