Recipe Organizer is an application that allows users to setup and share recipes online. It is backed by an Access database and can store thousands of recipes in an unlimited number of categories. The vulnerability exists in the type.asp page, where an attacker can inject malicious code into the iType parameter.
Job Seekers Package is vulnerable to SQL injection. An attacker can inject malicious code into the 'z_Residency' parameter of the TD_RESUME_Indlist.asp page, which can be used to access or modify the underlying database.
The vulnerability exists in the T-Dreams Cars Ads Package, which allows an attacker to inject malicious SQL queries via the 'key' parameter in the 'processview.asp' script. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
Wireshark is prone to a buffer-overflow vulnerability. Exploiting this issue may allow attackers to crash the application and deny service to legitimate users. Attackers may also execute arbitrary code in the context of vulnerable users running the application.
A local crash vulnerability exists in WaveMax Sound Editor 4.5.1. By creating a file with 1000 'A' characters and opening it with the application, a crash can be triggered. This can be exploited by an attacker to crash the application.
This exploit creates a malicious mp3 file with 1000 A characters which causes the Free Audio Converter 7.1.5 to crash when opened.
A buffer overflow vulnerability exists in Mediamonkey 3.2.4.1304, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially allow the execution of arbitrary code. The vulnerability is caused due to a boundary error when processing MP3 files with an overly long string. This can be exploited to cause a stack-based buffer overflow via an overly long string passed to a specially crafted MP3 file.
Image Viewer CP Gold 6 ActiveX contains a buffer overflow vulnerability in the TIFMergeMultiFiles() method. An attacker can exploit this vulnerability by passing a large string of data to the second argument of the TIFMergeMultiFiles() method. This will cause a stack-based buffer overflow, overwriting the return address and allowing arbitrary code execution.
Multiple D-Link routers that use a PHP based Web interface suffer from the same authentication bypass vulnerability which allows unprivileged users to view and modify administrative router settings. Further, even if remote administration is disabled this vulnerability can be exploited by a remote attacker via a CSRF attack.
This vulnerability allows an attacker to inject arbitrary SQL code into the vulnerable application. The vulnerability exists due to the lack of proper input validation in the "travelbycountry.asp" script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious SQL code to the vulnerable application.
Services By CQR