There is a directory traversal vulnerability in iFTPStorage. You can download all files from the iPhone when you are connected to the FTP server. For example: GET ../../../../../../etc/passwd
MediaCoder-0.7.5.4795.exe is vulnerable to a buffer overflow due to improper bounds checking of user-supplied input. An attacker can exploit this vulnerability by supplying a specially crafted malicious file to the application, which can lead to arbitrary code execution.
The attackers most likely used an unpatched security issue in the FTP daemon to gain access to the server and used their privileges to replace the source files for ProFTPD 1.3.3c with a version which contained a backdoor.
Ananda Real Estate 3.4 contains multiple SQL injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation of this vulnerability could allow an attacker to gain access to sensitive information from the database, modify data, or execute system-level commands.
A user can execute arbitrary JavaScript code within the vulnerable application. The vulnerability exists because the contact form fails to properly sanitize user-supplied input in many parameters. Successful exploitation of this vulnerability could result in a compromise of the application, theft of cookie-based authentication credentials, and disclosure or modification of sensitive data. An attacker can use a browser to exploit this vulnerability.
This module exploits a stack buffer overflow in NImage Viewer CP Gold ActiveX Control 5.5. When sending an overly long string to the Image2PDF() property of ImageViewer2.ocx, an attacker may be able to execute arbitrary code.
This exploit is a proof-of-concept for a local crash vulnerability in FreeTrim MP3. The exploit creates a file with a large number of 'A' characters and then attempts to open it with FreeTrim MP3. This causes the application to crash.
This exploit targets a buffer overflow vulnerability in the J-Integra v2.11 ActiveX control. It allows an attacker to execute arbitrary code on the vulnerable system by overflowing the buffer with malicious code. The exploit uses a payload of windows/exec cmd=calc.exe and is tested on XP SP3 IE7.
LittlePhpGallery is vulnerable to local file inclusion. An attacker can exploit this vulnerability to read arbitrary files from the server. The attacker can send a crafted HTTP request containing directory traversal characters (e.g. '../') to the vulnerable script. This will allow the attacker to read sensitive files from the server.
Digitalus CMS version 1.10.0 Alpha2 is vulnerable to Arbitrary File Upload. An attacker can upload a malicious file to the server and execute it. The vulnerability is located in the filemanager.php file: when an attacker sends a POST request with a malicious file, the file is uploaded to the server.