Explore Vulnerabilities

Explore all Exploits:

WordPress Plugins – wpStoreCart Arbitrary File Upload Vulnerability

An arbitrary file upload vulnerability exists in the wpStoreCart plugin for WordPress. A remote attacker can exploit this vulnerability to upload arbitrary PHP code and execute it in the context of the web server process. Plugin versions 2.5.27 - 2.5.29 are vulnerable. An attacker can use the Google Dork 'inurl:/wp-content/plugins/wpstorecart/' to find vulnerable websites. The exploit code is a PHP script that uses cURL to upload a malicious PHP file to the vulnerable website. The uploaded file can be accessed at http://www.example.com/wordpress/wp-content/uploads/wpstorecart/lo.php.

WordPress Plugins – Tinymce Thumbnail Gallery Remote File Disclosure Vulnerability

A vulnerability in the Tinymce Thumbnail Gallery plugin for WordPress allows an attacker to download arbitrary files from the server. The plugin's download-image.php script does not properly validate user-supplied input, so an attacker can craft a URL to download any file from the server, such as the wp-config.php or /etc/passwd file.

WordPress Plugins – Thinkun Remind Remote File Disclosure Vulnerability

A remote file disclosure vulnerability exists in the Thinkun Remind plugin version 1.1.3 for WordPress. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the exportData.php script, which is located in the plugin directory, with the dirPath parameter set to a file path. This allows the attacker to view the contents of the file.

WordPress Plugins – Simple Download Button Shortcode Remote File Disclosure Vulnerability

A flaw in the Simple Download Button Shortcode plugin for WordPress allows an attacker to access sensitive files on the server. By sending a specially crafted request to the simple-download-button_dl.php script, an attacker can access files outside of the web root directory, such as the wp-config.php and /etc/passwd files.

WordPress Plugins – RBX Gallery Multiple Arbitrary File Upload Vulnerability

A vulnerability in the RBX Gallery plugin for WordPress allows an attacker to upload arbitrary files to the server. It can be exploited by sending a specially crafted POST request to the uploader.php script in the plugin directory. An attacker can use it to upload malicious files such as a web shell and gain remote access to the server.

WordPress Plugins – PICA Photo Gallery Remote File Disclosure Vulnerability

A vulnerability in the PICA Photo Gallery plugin for WordPress allows an attacker to download arbitrary files from the server. The 'imgname' parameter of the 'picadownload.php' script is not validated, which allows an attacker to access files outside of the intended directory.

WordPress Plugins – Easy Contact Forms Export Information Disclosure Vulnerability

A vulnerability in the Easy Contact Forms Export plugin for WordPress allows an attacker to access sensitive information from the server. By requesting the downloadcsv.php file with a crafted URL, an attacker can access the /etc/passwd file.

Recent Exploits: