The vulnerability is caused due to a boundary error in the processing of a Genie LAD file, which can be exploited to cause a buffer overflow when a user opens e.g. a specially crafted .GEN file. Successful exploitation could allow execution of arbitrary code on the affected machine.
CF Imagehost allows users who have access to the management area the ability to write directly to the 'set.php' page under the /inc directory that stores setting values for the 'Site Title', 'Site Slogan' etc, this allows a local attacker ability to inject specially crafted PHP command payloads to execute arbitrary operating system commands on the victim host. Possibly leading to privilege escalation, RFI, backdoors etc.. and most likely full compromise of the affected system or shared environment if applicable.
No CSRF protection exists in b374k Web Shell allowing arbitrary OS command injection, if currently logged in user visits our malicious website or clicks our infected linxs.
Sam Spade 1.14 is vulnerable to a SEH overflow vulnerability when a maliciously crafted S-Lang command is entered. This can be exploited to cause a denial of service condition by crashing the application.
TACK v1.07 and prior is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. An attacker could exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.
The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. Stored cross-site scripting vulnerabilitity was also discovered. The issue is triggered when input passed via multiple POST parameters is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
FBZX v2.10 and prior is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. An attacker could exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.
For this vulnerabilities also WP-Polls needs to be installed. Everyone can access wpfc_wppolls_ajax_request(). $_POST["poll_id"] is not escaped properly. Proof of concept is a form with an input field containing a malicious query.
YESWIKI 0.2 is vulnerable to Path Traversal. An attacker can exploit this vulnerability to read sensitive files from the server. This vulnerability exists due to insufficient sanitization of user-supplied input to the 'template' parameter in 'wakka.php' script. An attacker can send a specially crafted HTTP request to the vulnerable script and read sensitive files from the server.
This exploit allows an attacker to gain access to credentials stored in Jenkins. The attacker can use the Google Dork 'intitle:"Dashboard [Jenkins]" Credentials' to find vulnerable Jenkins instances. The attacker can then use the credentials-store/domain/_/ endpoint to find users with stored credentials. The attacker can then use the update endpoint to find the encrypted password. The attacker can then use the groovy scripting engine to decrypt the password.
Services By CQR