The Knusperleicht Shoutbox is prone to an HTML-injection vulnerability due to insufficient input data sanitization. Exploiting this issue can allow an attacker to execute HTML and script code in the context of the affected site, steal cookie-based authentication credentials, or control how the site is rendered to the user.
Stem Innovation's IP camera called ‘IZON’ utilizes numerous hard-coded credentials within its Linux distribution and also the hidden web application running on the camera. These sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the camera. Further, using the web interface credentials will provide access to a camera stream and configuration details, including third-party API keys.
Multiple remote SQL injection vulnerabilities are detected in the official Onpub v1.4 and 1.5 Content Management System. The vulnerabilities allow remote attackers to execute arbitrary SQL commands via the vulnerable parameters.
This exploit demonstrates a buffer overflow vulnerability in VideoCharge Studio. By sending a specially crafted request, an attacker can cause a buffer overflow, potentially allowing them to execute arbitrary code on the target system.
This exploit targets a vulnerability in Photodex ProShow Producer v5.0.3310. It uses a jump to an offset of ESP instead of an egghunter. The seh exploit looks like this: shellcode-->junk-->next seh-->seh-->jumpcode. The exploit replaces a file in the app folder.
This module exploits a file upload vulnerability found in Open Flash Chart version 2. Attackers can abuse the 'ofc_upload_image.php' file in order to upload and execute malicious PHP files.
The deV!Lz Clanportal application is prone to an SQL injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
This vulnerability allows an attacker to corrupt the memory of the FortKnox Personal Firewall kernel driver, potentially leading to a privilege escalation or denial of service.
GNU Tar is prone to a vulnerability that may allow an attacker to place files and overwrite files in arbitrary locations on a vulnerable computer. These issues present themselves when the application processes malicious archives. A successful attack can allow the attacker to place potentially malicious files and overwrite files on a computer in the context of the user running the affected application. Successful exploits may aid in further attacks.
Novell Client is prone to a remote buffer-overflow vulnerability. Successful exploits may result in a denial-of-service condition or arbitrary code execution. Remote, anonymous attackers may exploit this issue via RPC requests.
Services By CQR