News File Grabber is prone to a remote stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Exploiting this issue allows attackers to execute arbitrary machine code in the context of the affected application.
Buffer overflow exists in Subject parameter of the .nzb file. By Passing a newline char it crashes. So here you go.
The vulnerability exists because the application does not properly handle malformed XML playlist files. An attacker can exploit this issue by crafting a malicious playlist file and tricking the user into opening it, causing the application to crash and resulting in a denial-of-service condition.
Powerschool is prone to an information-disclosure vulnerability because the application discloses information about administrative session variables. An attacker can exploit these issue to obtain sensitive information that may aid in other attacks.
Parallels is prone to an arbitrary code-execution vulnerability because of a design flaw in the affected application. An attacker can exploit this issue to create files in the host operating system, which could result in the execution of code.
Creates an .m3u file for a simple EIP overwrite. Buffer is mangled at esp (shellcode size < ~400) so ebx is a better choice. First overwrite eip with call ebx which points to the beginning of the buffer. Add 300 to ebx to jump past the eip overwrite and into shellcode (available space > 9400).
Turuncu Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.
The Ezboo webstats application is vulnerable to an issue that allows attackers to gain administrative access to the application. This vulnerability occurs due to a lack of proper access validation.
The Meganoide's news application is vulnerable to a remote file-include vulnerability due to inadequate sanitization of user-supplied input. An attacker can exploit this vulnerability to execute arbitrary PHP code within the context of the webserver process.
CedStat is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary PHP code in the context of the webserver process.