Realtyna RPL suffers from multiple SQL Injection vulnerabilities. Input passed via multiple POST parameters is not properly sanitised before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
A buffer overflow vulnerability exists in Easy File Sharing Web Server v7.2 when sending 4059 bytes of data to the /changeuser.ghp file, which overwrites the EBX register. This can be exploited to execute arbitrary code by sending a crafted request with a malicious payload. Tested on Win7 x64 and x86; it should work on Win8/Win10.
The installation folder is never deleted or protected unless you delete it yourself, which lets any unauthorized user access the installation panel and ruin your website in just a few steps.
This PoC can reboot any CX9020 PLC and add random (Web) users to its configuration. The device is vulnerable to a Remote Code Execution vulnerability similar to CVE-2015-4051, but in a different service (IPC Diagnostics Authentication vs. Web Authentication).
The bug is a simple but critical RFI (Remote File Inclusion), and in my test case on 'Windows' you can reach remote code execution. By changing the channel description you can insert an [img] BB tag with malicious content. There are a few problems with the image caching on disk. 1: There is no check on the file extension. 2: There is no file renaming, and you can fake the extension so you can create in the cache a malicious executable file like hta, scr, msi, pif, vbs etc. 3: The TeamSpeak 3 Client saves the image and recreates the same directory structure as the server where it's hosted. 4: It is possible to do a Directory Traversal with a simple URL-encoding of the traversal path, bypassing the built-in control.
This exploit is for HandyPassword version 4.9.3. It is an SEH overwrite exploit which uses a specially crafted file to overwrite the SEH handler and execute shellcode. The exploit was tested on Windows 7 x86 (32-bit).
HTML Compiler is a program that allows you to put an entire HTML application into a standalone Windows application. An attacker can exploit this vulnerability by sending a malicious file to the victim and executing it. This vulnerability affects Windows 7.
RealtyScript suffers from multiple SQL Injection vulnerabilities. Input passed via the GET parameter 'u_id' and the POST parameter 'agent[]' is not properly sanitised before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. Multiple cross-site scripting vulnerabilities were also discovered. The issue is triggered when input passed via multiple parameters is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
When IExternalizable.writeExternal is overridden with a value that is not a function, Flash assumes it is a function even though it is not one. This leads to execution of a 'method' outside of the ActionScript object's ActionScript vtable, leading to memory corruption.